CVE-2025-22874 (GCVE-0-2025-22874)
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Go standard library | crypto/x509 | Version: 1.24.0-0 ≤
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-22874", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-06-11T17:45:40.672701Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-11T17:46:34.625Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/x509", "product": "crypto/x509", "programRoutines": [ { "name": "Certificate.Verify" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.24.4", "status": "affected", "version": "1.24.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Krzysztof Skrz\u0119tnicki (@Tener) of Teleport" } ], "descriptions": [ { "lang": "en", "value": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon." 
} ], "problemTypes": [ { "descriptions": [ { "description": "CWE-295: Improper Certificate Validation", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-16T20:26:53.242Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/670375" }, { "url": "https://go.dev/issue/73612" }, { "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "title": "Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2025-22874", "datePublished": "2025-06-11T16:42:52.856Z", "dateReserved": "2025-01-08T19:11:42.835Z", "dateUpdated": "2025-06-16T20:26:53.242Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2025-22874\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-06-11T17:15:42.167\",\"lastModified\":\"2025-06-12T16:06:20.180\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.\"},{\"lang\":\"es\",\"value\":\"Al llamar a Verify con un VerifyOptions.KeyUsages que contiene ExtKeyUsageAny, se deshabilit\u00f3 involuntariamente la validaci\u00f3n de pol\u00edticas. 
Esto solo afect\u00f3 a las cadenas de certificados que contienen gr\u00e1ficos de pol\u00edticas, lo cual es poco com\u00fan.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"references\":[{\"url\":\"https://go.dev/cl/670375\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/73612\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-3749\",\"source\":\"security@golang.org\"}]}}", "vulnrichment": { "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-22874\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-11T17:45:40.672701Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-11T17:46:04.244Z\"}}], 
\"cna\": {\"title\": \"Usage of ExtKeyUsageAny disables policy validation in crypto/x509\", \"credits\": [{\"lang\": \"en\", \"value\": \"Krzysztof Skrz\\u0119tnicki (@Tener) of Teleport\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"crypto/x509\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.24.0-0\", \"lessThan\": \"1.24.4\", \"versionType\": \"semver\"}], \"packageName\": \"crypto/x509\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Certificate.Verify\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/670375\"}, {\"url\": \"https://go.dev/issue/73612\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-3749\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-295: Improper Certificate Validation\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-06-16T20:26:53.242Z\"}}}", "cveMetadata": "{\"cveId\": \"CVE-2025-22874\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-16T20:26:53.242Z\", \"dateReserved\": \"2025-01-08T19:11:42.835Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-06-11T16:42:52.856Z\", \"assignerShortName\": \"Go\"}", "dataType": "CVE_RECORD", "dataVersion": "5.1" } } }
rhsa-2025:13932
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Builds 1.5.1", "title": "Topic" }, { "category": "general", "text": "Releases of Red Hat OpenShift Builds 1.5.1", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:13932", "url": "https://access.redhat.com/errata/RHSA-2025:13932" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/builds_for_red_hat_openshift/1.5", "url": "https://docs.redhat.com/en/documentation/builds_for_red_hat_openshift/1.5" }, { "category": "self", "summary": "Canonical URL", "url": 
"https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13932.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Builds 1.5.1", "tracking": { "current_release_date": "2025-10-20T17:31:37+00:00", "generator": { "date": "2025-10-20T17:31:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:13932", "initial_release_date": "2025-08-14T22:50:13+00:00", "revision_history": [ { "date": "2025-08-14T22:50:13+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-08-14T22:50:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Builds for Red Hat OpenShift 1.5.1", "product": { "name": "Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_builds:1.5::el9" } } } ], "category": "product_family", "name": "Builds for Red Hat OpenShift" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "product": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.1-1755171468" } } }, { "category": 
"product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "product": { "name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-operator-bundle@sha256%3A4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.1-1755174540" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64", "product": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3Ae172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.1-1755171468" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "product": { "name": 
"registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.1-1755171468" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "product": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.1-1755171468" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64 as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 
1.5.1:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64 as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" }, { "category": "default_component_of", "full_product_name": { "name": 
"registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64 as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. 
This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64" ], 
"known_not_affected": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-14T22:50:13+00:00", "details": "It is recommended that existing users of Red Hat OpenShift Builds 1.5.0 upgrades to to 1.5.1", "product_ids": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "Builds for Red Hat OpenShift 
1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:13932" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:14470
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details see [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1).", "title": "Topic" }, { "category": "general", "text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:14470", "url": "https://access.redhat.com/errata/RHSA-2025:14470" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14470.json" } ], "title": "Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release", "tracking": { "current_release_date": "2025-10-20T17:31:39+00:00", "generator": { "date": "2025-10-20T17:31:39+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:14470", "initial_release_date": "2025-08-25T09:22:38+00:00", "revision_history": [ { "date": "2025-08-25T09:22:38+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2025-08-25T09:22:49+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:39+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Trusted Artifact Signer 1.2", "product": { "name": "Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9" } } } ], "category": "product_family", "name": "Red Hat Trusted Artifact Signer" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64", "product": { "name": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64", "product_id": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64", "product_identification_helper": { "purl": "pkg:oci/certificate-transparency-rhel9@sha256%3Aeb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755260216" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64" }, "product_reference": 
"registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. 
Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-25T09:22:38+00:00", "details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. 
It is a self-managed on-premise deployment of the [Sigstore project](https://sigstore.dev/). Platform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain. For details on using the operator, refer to [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1). You can find the release notes for this version of Red Hat Trusted Artifact Signer [here](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index).", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:14470" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:14479
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details see [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1).", "title": "Topic" }, { "category": "general", "text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:14479", "url": "https://access.redhat.com/errata/RHSA-2025:14479" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14479.json" } ], "title": "Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release", "tracking": { "current_release_date": "2025-10-20T17:31:41+00:00", "generator": { "date": "2025-10-20T17:31:41+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:14479", "initial_release_date": "2025-08-25T09:29:43+00:00", "revision_history": [ { "date": "2025-08-25T09:29:43+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2025-08-25T09:29:47+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:41+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Trusted Artifact Signer 1.2", "product": { "name": "Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9" } } } ], "category": "product_family", "name": "Red Hat Trusted Artifact Signer" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64", "product": { "name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64", "product_id": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64", "product_identification_helper": { "purl": "pkg:oci/timestamp-authority-rhel9@sha256%3A531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755456242" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64" }, "product_reference": 
"registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. 
Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-25T09:29:43+00:00", "details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. 
It is a self-managed on-premise deployment of the [Sigstore project](https://sigstore.dev/). Platform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain. For details on using the operator, refer to [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1). You can find the release notes for this version of Red Hat Trusted Artifact Signer [here](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index).", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:14479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:17731
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Important: Red Hat OpenShift GitOps v1.17.2 security update", "title": "Topic" }, { "category": "general", "text": "An update is now available for Red Hat OpenShift GitOps.\nBug Fix(es) and Enhancement(s):\n* GITOPS-7180: Redis HA Proxy pod fails to start with Security Context error\n* GITOPS-7331: operator controller logs error when console link is disabled\n* GITOPS-7461: Redis container fails with \"runAsNonRoot and image will run as root\" after upgrade to argocd-operator 0.14.1\n* GITOPS-7564: OpenShift GitOps v1.17 must-gather images produce an empty must-gather\n* GITOPS-7606: ApplicationSet: Bitbucket SCM/PR generator leaks HTTP connections", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:17731", "url": "https://access.redhat.com/errata/RHSA-2025:17731" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-47907", "url": "https://access.redhat.com/security/cve/CVE-2025-47907" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-59531", "url": "https://access.redhat.com/security/cve/CVE-2025-59531" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-59537", "url": "https://access.redhat.com/security/cve/CVE-2025-59537" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-59538", "url": "https://access.redhat.com/security/cve/CVE-2025-59538" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.17/", "url": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.17/" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17731.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.2 security update", "tracking": { "current_release_date": 
"2025-10-22T13:59:18+00:00", "generator": { "date": "2025-10-22T13:59:18+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:17731", "initial_release_date": "2025-10-09T18:48:05+00:00", "revision_history": [ { "date": "2025-10-09T18:48:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-10-09T18:48:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-22T13:59:18+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift GitOps 1.17", "product": { "name": "Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_gitops:1.17::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift GitOps" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Ac28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "product": { "name": 
"registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256%3Aa2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-agent-rhel8@sha256%3Aa73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Afaa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": 
"registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel9@sha256%3A54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256%3Aaf6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "product_identification_helper": { "purl": 
"pkg:oci/dex-rhel8@sha256%3Aba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256%3Ad3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256%3Acbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "product_id": 
"registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-operator-bundle@sha256%3A4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64", "product": { "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64", "product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256%3Ac9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Ae5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": 
"registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256%3A4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-agent-rhel8@sha256%3A1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "product_identification_helper": { "purl": 
"pkg:oci/argocd-extensions-rhel8@sha256%3Ab6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel9@sha256%3Ac7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256%3A8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "product_id": 
"registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256%3A47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256%3Aac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "product": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256%3Aa85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "product": { "name": 
"registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256%3A87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Aa0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256%3A12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { 
"category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-agent-rhel8@sha256%3Aa182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/argocd-rhel9@sha256%3A9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256%3Aa85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256%3A64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "product_id": 
"registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256%3A0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256%3A689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "product": { "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256%3A36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": 
"registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Aa03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256%3A99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "product_identification_helper": { "purl": 
"pkg:oci/argocd-agent-rhel8@sha256%3A1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel9@sha256%3Ab9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "product_id": 
"registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256%3Aa4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256%3A439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256%3A1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "product": { "name": 
"registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256%3A5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } }, { "category": "product_version", "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "product": { "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256%3A2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "relates_to_product_reference": "Red Hat OpenShift 
GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "relates_to_product_reference": "Red Hat 
OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "relates_to_product_reference": "Red 
Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", 
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le" }, "product_reference": 
"registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64" }, "product_reference": 
"registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x" }, "product_reference": 
"registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x" }, "product_reference": 
"registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le" }, "product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x" }, "product_reference": 
"registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le" }, "product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64" }, "product_reference": 
"registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x" }, "product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le" }, 
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le" }, "product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x" }, "product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x" }, "product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le" }, "product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64 as a component of Red Hat OpenShift GitOps 1.17", "product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" }, "product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64", "relates_to_product_reference": "Red Hat OpenShift GitOps 1.17" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. 
Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64" ], "known_not_affected": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-10-09T18:48:05+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:17731" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", 
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift 
GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" }, { "cve": "CVE-2025-47907", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2025-08-07T16:01:06.247481+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2387083" } ], "notes": [ { "category": "description", "text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.", "title": "Vulnerability description" }, { "category": "summary", "text": "database/sql: Postgres Scan Race Condition", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability marked as Moderate severity issues rather than Important. 
The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64" ], "known_not_affected": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", 
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-47907" }, { "category": "external", "summary": "RHBZ#2387083", 
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907", "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907" }, { "category": "external", "summary": "https://go.dev/cl/693735", "url": "https://go.dev/cl/693735" }, { "category": "external", "summary": "https://go.dev/issue/74831", "url": "https://go.dev/issue/74831" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM", "url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3849", "url": "https://pkg.go.dev/vuln/GO-2025-3849" } ], "release_date": "2025-08-07T15:25:30.704000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-10-09T18:48:05+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:17731" } ], "scores": [ 
{ "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat 
OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "database/sql: Postgres Scan Race Condition" }, { "cve": "CVE-2025-59531", "cwe": { "id": "CWE-248", "name": "Uncaught Exception" }, "discovery_date": "2025-10-01T21:03:46.509567+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat 
OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2400935" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was identified in the Argo CD continuous delivery tool, which is distributed as part of Red Hat GitOps product. An unauthenticated attacker can exploit this flaw by sending a specially crafted request to the Application Programming Interface (API) webhook endpoint. This action causes the API server to crash, preventing it from restarting properly. By repeatedly targeting the server, an attacker can cause a complete service outage, making the Argo CD interface unavailable to all users. 
This vulnerability is only exposed in configurations where a specific webhook secret has not been set.", "title": "Vulnerability description" }, { "category": "summary", "text": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability was rated as Important by the Red Hat Product Security team because an unauthenticated attacker is able to cause a denial of service of the whole GitOps cluster. This vulnerability affects only clusters without a configured \u0027webhook.bitbucket.secret\u0027 configuration key; clusters that have this option configured are not exposed to this flaw.\n\nThis vulnerability lies in an unsafe cast when trying to retrieve the `repository.links.clone` JSON field from a Bitbucket-Server push request. When the unsafe cast is triggered, the goroutine created by the worker to process the request will fail with an assertion panic and, as it lacks a recovery routine, the whole argocd-server binary will be terminated.
If an attacker manages to force all the argocd-server replica nodes to reach this assertion failure, a Denial of Service of the whole cluster will happen.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64" ], "known_not_affected": [ "Red Hat 
OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat 
OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-59531" }, { "category": "external", "summary": "RHBZ#2400935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400935" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-59531", "url": "https://www.cve.org/CVERecord?id=CVE-2025-59531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2025-59531" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f", "url": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc" } ], "release_date": "2025-10-01T20:49:35.428000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-10-09T18:48:05+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red 
Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:17731" }, { "category": "workaround", "details": "If a BitBucket repository is being used by GitOps it\u0027s possible to mitigate this vulnerability by setting up a BitBucket webhook secret to ensure only trusted parties can access the webhook endpoint.\n\nIn case BitBucket is not being used, the user can set the webhook secret to a long random value to prevent the webhook from being called:\n\n~~~\napiVersion: v1\nkind: Secret\nmetadata:\n name: argocd-secret\ntype: Opaque\ndata:\n+ webhook.bitbucketserver.secret: \u003cyour base64-encoded secret here\u003e\n~~~", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat 
OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "scores": [ { 
"cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat 
OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload" }, { "cve": "CVE-2025-59537", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2025-10-01T22:00:51.264122+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2400938" } ], "notes": [ { "category": "description", "text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.", "title": "Vulnerability description" }, { "category": "summary", "text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The availability risk of this vulnerability is limited to the Argo-CD application. 
General host availability is not at risk.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64" ], "known_not_affected": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", 
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-59537" }, { "category": "external", "summary": "RHBZ#2400938", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400938" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-59537", "url": "https://www.cve.org/CVERecord?id=CVE-2025-59537" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2025-59537" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43", "url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2" } ], "release_date": "2025-10-01T21:01:36.519000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-10-09T18:48:05+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red 
Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:17731" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift 
GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service" }, { "cve": "CVE-2025-59538", "cwe": { "id": "CWE-703", "name": "Improper Check or Handling of Exceptional Conditions" }, "discovery_date": "2025-10-01T22:00:57.544949+00:00", "flags": [ { "label": 
"vulnerable_code_not_present", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2400940" } ], "notes": [ { "category": "description", "text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.", "title": "Vulnerability description" }, { "category": "summary", "text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The availability risk of this vulnerability is limited to the Argo-CD application. 
General host availability is not at risk.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64" ], "known_not_affected": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", 
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-59538" }, { "category": "external", "summary": "RHBZ#2400940", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400940" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-59538", "url": "https://www.cve.org/CVERecord?id=CVE-2025-59538" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2025-59538" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf", "url": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv" } ], "release_date": "2025-10-01T21:09:08.870000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-10-09T18:48:05+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red 
Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:17731" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", 
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift 
GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le", "Red Hat OpenShift GitOps 
1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64", "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service" } ] }
rhsa-2025:14481
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details see [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1).", "title": "Topic" }, { "category": "general", "text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:14481", "url": "https://access.redhat.com/errata/RHSA-2025:14481" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14481.json" } ], "title": "Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release", "tracking": { "current_release_date": "2025-10-20T17:31:41+00:00", "generator": { "date": "2025-10-20T17:31:41+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:14481", "initial_release_date": "2025-08-25T09:31:18+00:00", "revision_history": [ { "date": "2025-08-25T09:31:18+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2025-08-25T09:31:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:41+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Trusted Artifact Signer 1.2", "product": { "name": "Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9" } } } ], "category": "product_family", "name": "Red Hat Trusted Artifact Signer" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64", "product": { "name": "registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64", "product_id": "registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64", "product_identification_helper": { "purl": "pkg:oci/createtree-rhel9@sha256%3A812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755453615" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64", "product": { "name": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64", "product_id": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64", "product_identification_helper": { "purl": 
"pkg:oci/trillian-database-rhel9@sha256%3A640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755453599" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64", "product": { "name": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64", "product_id": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64", "product_identification_helper": { "purl": "pkg:oci/trillian-logserver-rhel9@sha256%3A12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755453589" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64", "product": { "name": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64", "product_id": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64", "product_identification_helper": { "purl": "pkg:oci/trillian-logsigner-rhel9@sha256%3A1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755453584" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64", "product": { "name": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64", "product_id": 
"registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64", "product_identification_helper": { "purl": "pkg:oci/trillian-redis-rhel9@sha256%3Afc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755453519" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64", "product": { "name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64", "product_id": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64", "product_identification_helper": { "purl": "pkg:oci/updatetree-rhel9@sha256%3Abfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755453584" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64" }, "product_reference": "registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64 as a 
component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64" }, "product_reference": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64" }, "product_reference": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64" }, "product_reference": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64 as a component of Red 
Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64" }, "product_reference": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64" }, "product_reference": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. 
This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64" ], "known_not_affected": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64", "Red Hat Trusted Artifact Signer 
1.2:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-25T09:31:18+00:00", "details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the [Sigstore project](https://sigstore.dev/). Platform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain. 
For details on using the operator, refer to [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1). You can find the release notes for this version of Red Hat Trusted Artifact Signer [here](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index).", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:14481" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/createtree-rhel9@sha256:812315ab0ef006799ebe158dff67773b56d5d5e86d07dee9341214d1b49f4542_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6_amd64", "Red Hat Trusted Artifact Signer 
1.2:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fc018a45b7eb48690c46c83f52cac55fa40089e6b02686bc21265dc7c2205b8f_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:bfa0cd62454f67ab94aa0d8fe58f8c624fccb8abd91e7d968725ee412ecde07a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:14472
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details see [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1).", "title": "Topic" }, { "category": "general", "text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:14472", "url": "https://access.redhat.com/errata/RHSA-2025:14472" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14472.json" } ], "title": "Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release", "tracking": { "current_release_date": "2025-10-20T17:31:39+00:00", "generator": { "date": "2025-10-20T17:31:39+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:14472", "initial_release_date": "2025-08-25T09:24:18+00:00", "revision_history": [ { "date": "2025-08-25T09:24:18+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2025-08-25T09:24:34+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:39+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Trusted Artifact Signer 1.2", "product": { "name": "Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9" } } } ], "category": "product_family", "name": "Red Hat Trusted Artifact Signer" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64", "product": { "name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64", "product_id": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64", "product_identification_helper": { "purl": "pkg:oci/fulcio-rhel9@sha256%3A6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755455686" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64" }, "product_reference": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64", 
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. 
Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-25T09:24:18+00:00", "details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the [Sigstore project](https://sigstore.dev/). 
Platform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain. For details on using the operator, refer to [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1). You can find the release notes for this version of Red Hat Trusted Artifact Signer [here](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index).", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:14472" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fulcio-rhel9@sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:14476
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details see [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1).", "title": "Topic" }, { "category": "general", "text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:14476", "url": "https://access.redhat.com/errata/RHSA-2025:14476" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14476.json" } ], "title": "Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release", "tracking": { "current_release_date": "2025-10-20T17:31:40+00:00", "generator": { "date": "2025-10-20T17:31:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:14476", "initial_release_date": "2025-08-25T09:27:15+00:00", "revision_history": [ { "date": "2025-08-25T09:27:15+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2025-08-25T09:27:24+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Trusted Artifact Signer 1.2", "product": { "name": "Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9" } } } ], "category": "product_family", "name": "Red Hat Trusted Artifact Signer" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64", "product": { "name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64", "product_id": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64", "product_identification_helper": { "purl": "pkg:oci/rekor-backfill-redis-rhel9@sha256%3A09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755454879" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64", "product": { "name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64", "product_id": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64", "product_identification_helper": { "purl": 
"pkg:oci/rekor-cli-rhel9@sha256%3A7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755454919" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64", "product": { "name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64", "product_id": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64", "product_identification_helper": { "purl": "pkg:oci/rekor-server-rhel9@sha256%3A02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755454949" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64" }, "product_reference": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 
1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64" }, "product_reference": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64" }, "product_reference": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. 
This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": 
"https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-25T09:27:15+00:00", "details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the [Sigstore project](https://sigstore.dev/). Platform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain. For details on using the operator, refer to [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1). You can find the release notes for this version of Red Hat Trusted Artifact Signer [here](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index).", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:14476" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", 
"scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:10676
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for golang is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:10676", "url": "https://access.redhat.com/errata/RHSA-2025:10676" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2373305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10676.json" } ], "title": "Red Hat Security Advisory: golang security update", "tracking": { "current_release_date": "2025-10-20T17:31:37+00:00", "generator": { "date": "2025-10-20T17:31:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:10676", "initial_release_date": "2025-07-09T00:58:06+00:00", "revision_history": [ { "date": "2025-07-09T00:58:06+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-07-09T00:58:06+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 
9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "go-toolset-0:1.24.4-1.el9_6.aarch64", "product": { "name": "go-toolset-0:1.24.4-1.el9_6.aarch64", "product_id": "go-toolset-0:1.24.4-1.el9_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el9_6?arch=aarch64" } } }, { "category": "product_version", "name": "golang-0:1.24.4-1.el9_6.aarch64", "product": { "name": "golang-0:1.24.4-1.el9_6.aarch64", "product_id": "golang-0:1.24.4-1.el9_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=aarch64" } } }, { "category": "product_version", "name": "golang-bin-0:1.24.4-1.el9_6.aarch64", "product": { "name": "golang-bin-0:1.24.4-1.el9_6.aarch64", "product_id": "golang-bin-0:1.24.4-1.el9_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el9_6?arch=aarch64" } } }, { "category": "product_version", "name": "golang-race-0:1.24.4-1.el9_6.aarch64", "product": { "name": "golang-race-0:1.24.4-1.el9_6.aarch64", "product_id": "golang-race-0:1.24.4-1.el9_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el9_6?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "go-toolset-0:1.24.4-1.el9_6.ppc64le", "product": { "name": "go-toolset-0:1.24.4-1.el9_6.ppc64le", "product_id": "go-toolset-0:1.24.4-1.el9_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el9_6?arch=ppc64le" } } }, { "category": "product_version", "name": "golang-0:1.24.4-1.el9_6.ppc64le", "product": { "name": "golang-0:1.24.4-1.el9_6.ppc64le", "product_id": "golang-0:1.24.4-1.el9_6.ppc64le", "product_identification_helper": { 
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=ppc64le" } } }, { "category": "product_version", "name": "golang-bin-0:1.24.4-1.el9_6.ppc64le", "product": { "name": "golang-bin-0:1.24.4-1.el9_6.ppc64le", "product_id": "golang-bin-0:1.24.4-1.el9_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el9_6?arch=ppc64le" } } }, { "category": "product_version", "name": "golang-race-0:1.24.4-1.el9_6.ppc64le", "product": { "name": "golang-race-0:1.24.4-1.el9_6.ppc64le", "product_id": "golang-race-0:1.24.4-1.el9_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el9_6?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "go-toolset-0:1.24.4-1.el9_6.x86_64", "product": { "name": "go-toolset-0:1.24.4-1.el9_6.x86_64", "product_id": "go-toolset-0:1.24.4-1.el9_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el9_6?arch=x86_64" } } }, { "category": "product_version", "name": "golang-0:1.24.4-1.el9_6.x86_64", "product": { "name": "golang-0:1.24.4-1.el9_6.x86_64", "product_id": "golang-0:1.24.4-1.el9_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=x86_64" } } }, { "category": "product_version", "name": "golang-bin-0:1.24.4-1.el9_6.x86_64", "product": { "name": "golang-bin-0:1.24.4-1.el9_6.x86_64", "product_id": "golang-bin-0:1.24.4-1.el9_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el9_6?arch=x86_64" } } }, { "category": "product_version", "name": "golang-race-0:1.24.4-1.el9_6.x86_64", "product": { "name": "golang-race-0:1.24.4-1.el9_6.x86_64", "product_id": "golang-race-0:1.24.4-1.el9_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el9_6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": 
"product_version", "name": "go-toolset-0:1.24.4-1.el9_6.s390x", "product": { "name": "go-toolset-0:1.24.4-1.el9_6.s390x", "product_id": "go-toolset-0:1.24.4-1.el9_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el9_6?arch=s390x" } } }, { "category": "product_version", "name": "golang-0:1.24.4-1.el9_6.s390x", "product": { "name": "golang-0:1.24.4-1.el9_6.s390x", "product_id": "golang-0:1.24.4-1.el9_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=s390x" } } }, { "category": "product_version", "name": "golang-bin-0:1.24.4-1.el9_6.s390x", "product": { "name": "golang-bin-0:1.24.4-1.el9_6.s390x", "product_id": "golang-bin-0:1.24.4-1.el9_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el9_6?arch=s390x" } } }, { "category": "product_version", "name": "golang-race-0:1.24.4-1.el9_6.s390x", "product": { "name": "golang-race-0:1.24.4-1.el9_6.s390x", "product_id": "golang-race-0:1.24.4-1.el9_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el9_6?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "golang-0:1.24.4-1.el9_6.src", "product": { "name": "golang-0:1.24.4-1.el9_6.src", "product_id": "golang-0:1.24.4-1.el9_6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "golang-docs-0:1.24.4-1.el9_6.noarch", "product": { "name": "golang-docs-0:1.24.4-1.el9_6.noarch", "product_id": "golang-docs-0:1.24.4-1.el9_6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-docs@1.24.4-1.el9_6?arch=noarch" } } }, { "category": "product_version", "name": "golang-misc-0:1.24.4-1.el9_6.noarch", "product": { "name": "golang-misc-0:1.24.4-1.el9_6.noarch", "product_id": 
"golang-misc-0:1.24.4-1.el9_6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-misc@1.24.4-1.el9_6?arch=noarch" } } }, { "category": "product_version", "name": "golang-src-0:1.24.4-1.el9_6.noarch", "product": { "name": "golang-src-0:1.24.4-1.el9_6.noarch", "product_id": "golang-src-0:1.24.4-1.el9_6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-src@1.24.4-1.el9_6?arch=noarch" } } }, { "category": "product_version", "name": "golang-tests-0:1.24.4-1.el9_6.noarch", "product": { "name": "golang-tests-0:1.24.4-1.el9_6.noarch", "product_id": "golang-tests-0:1.24.4-1.el9_6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-tests@1.24.4-1.el9_6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "go-toolset-0:1.24.4-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64" }, "product_reference": "go-toolset-0:1.24.4-1.el9_6.aarch64", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "go-toolset-0:1.24.4-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le" }, "product_reference": "go-toolset-0:1.24.4-1.el9_6.ppc64le", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "go-toolset-0:1.24.4-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 
9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x" }, "product_reference": "go-toolset-0:1.24.4-1.el9_6.s390x", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "go-toolset-0:1.24.4-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64" }, "product_reference": "go-toolset-0:1.24.4-1.el9_6.x86_64", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64" }, "product_reference": "golang-0:1.24.4-1.el9_6.aarch64", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le" }, "product_reference": "golang-0:1.24.4-1.el9_6.ppc64le", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x" }, "product_reference": "golang-0:1.24.4-1.el9_6.s390x", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el9_6.src as a component of Red Hat Enterprise Linux AppStream (v. 
9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src" }, "product_reference": "golang-0:1.24.4-1.el9_6.src", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64" }, "product_reference": "golang-0:1.24.4-1.el9_6.x86_64", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-bin-0:1.24.4-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64" }, "product_reference": "golang-bin-0:1.24.4-1.el9_6.aarch64", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-bin-0:1.24.4-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le" }, "product_reference": "golang-bin-0:1.24.4-1.el9_6.ppc64le", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-bin-0:1.24.4-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x" }, "product_reference": "golang-bin-0:1.24.4-1.el9_6.s390x", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-bin-0:1.24.4-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 
9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64" }, "product_reference": "golang-bin-0:1.24.4-1.el9_6.x86_64", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-docs-0:1.24.4-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch" }, "product_reference": "golang-docs-0:1.24.4-1.el9_6.noarch", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-misc-0:1.24.4-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch" }, "product_reference": "golang-misc-0:1.24.4-1.el9_6.noarch", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-race-0:1.24.4-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64" }, "product_reference": "golang-race-0:1.24.4-1.el9_6.aarch64", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-race-0:1.24.4-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le" }, "product_reference": "golang-race-0:1.24.4-1.el9_6.ppc64le", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-race-0:1.24.4-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 
9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x" }, "product_reference": "golang-race-0:1.24.4-1.el9_6.s390x", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-race-0:1.24.4-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64" }, "product_reference": "golang-race-0:1.24.4-1.el9_6.x86_64", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-src-0:1.24.4-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch" }, "product_reference": "golang-src-0:1.24.4-1.el9_6.noarch", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "golang-tests-0:1.24.4-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch" }, "product_reference": "golang-tests-0:1.24.4-1.el9_6.noarch", "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-4673", "discovery_date": "2025-06-18T06:34:57.662025+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2373305" } ], "notes": [ { "category": "description", "text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. 
This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.", "title": "Vulnerability description" }, { "category": "summary", "text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http", "title": "Vulnerability summary" }, { "category": "other", "text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64", 
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-4673" }, { "category": "external", "summary": "RHBZ#2373305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673" }, { "category": "external", "summary": "https://go.dev/cl/679257", "url": "https://go.dev/cl/679257" }, { "category": "external", "summary": "https://go.dev/issue/73816", "url": "https://go.dev/issue/73816" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3751", "url": "https://pkg.go.dev/vuln/GO-2025-3751" } ], "release_date": "2025-06-11T16:42:53.054000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-07-09T00:58:06+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64", 
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:10676" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64", 
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src", 
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http" }, { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. 
This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch" ] }, "references": [ { "category": "self", 
"summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-07-09T00:58:06+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64", 
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:10676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src", "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x", 
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x", "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64", "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch", "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:13931
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Builds 1.5.1", "title": "Topic" }, { "category": "general", "text": "Releases of Red Hat OpenShift Builds 1.5.1", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:13931", "url": "https://access.redhat.com/errata/RHSA-2025:13931" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/builds_for_red_hat_openshift/1.5", "url": "https://docs.redhat.com/en/documentation/builds_for_red_hat_openshift/1.5" }, { "category": "self", "summary": "Canonical URL", "url": 
"https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13931.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Builds 1.5.1", "tracking": { "current_release_date": "2025-10-20T17:31:37+00:00", "generator": { "date": "2025-10-20T17:31:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:13931", "initial_release_date": "2025-08-14T22:06:55+00:00", "revision_history": [ { "date": "2025-08-14T22:06:55+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-08-14T22:06:58+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Builds for Red Hat OpenShift 1.5.1", "product": { "name": "Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_builds:1.5::el9" } } } ], "category": "product_family", "name": "Builds for Red Hat OpenShift" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "product": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.0-1755171468" } } }, { "category": 
"product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "product": { "name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-operator-bundle@sha256%3A4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.0-1755174540" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64", "product": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3Ae172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.0-1755171468" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "product": { "name": 
"registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.0-1755171468" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "product": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1.5.0-1755171468" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64 as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 
1.5.1:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64 as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" }, { "category": "default_component_of", "full_product_name": { "name": 
"registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64 as a component of Builds for Red Hat OpenShift 1.5.1", "product_id": "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64" }, "product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64", "relates_to_product_reference": "Builds for Red Hat OpenShift 1.5.1" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. 
This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64" ], 
"known_not_affected": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-14T22:06:55+00:00", "details": "It is recommended that existing users of Red Hat OpenShift Builds 1.5.0 upgrades to to 1.5.1", "product_ids": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "Builds for Red Hat OpenShift 
1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:13931" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:4103bbce41d2f86071f49260e74ae89fd7a556deab7adea686cbe69477f17b58_amd64", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c_amd64", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1444fa06512941cd0b7485b9938f3aae43ef74dd235379ffe804e37445076474_s390x", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:1d2b6744f30b21751bef9567bd0af28728cc40b3b93a39719fbd8b51a15ffd4b_ppc64le", "Builds for Red Hat OpenShift 1.5.1:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:e172eabeee4912ed718eafa33c4e0099cde86bf4b7394da4074676ae00060927_arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:14473
Vulnerability from csaf_redhat
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details see [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1).", "title": "Topic" }, { "category": "general", "text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:14473", "url": "https://access.redhat.com/errata/RHSA-2025:14473" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14473.json" } ], "title": "Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release", "tracking": { "current_release_date": "2025-10-20T17:31:39+00:00", "generator": { "date": "2025-10-20T17:31:39+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:14473", "initial_release_date": "2025-08-25T09:25:17+00:00", "revision_history": [ { "date": "2025-08-25T09:25:17+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2025-08-25T09:25:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:39+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Trusted Artifact Signer 1.2", "product": { "name": "Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9" } } } ], "category": "product_family", "name": "Red Hat Trusted Artifact Signer" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64", "product": { "name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64", "product_id": "registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64", "product_identification_helper": { "purl": "pkg:oci/client-server-rhel9@sha256%3A1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755464126" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64", "product": { "name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64", "product_id": "registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64", "product_identification_helper": { "purl": 
"pkg:oci/cosign-rhel9@sha256%3A2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755461894" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64", "product": { "name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64", "product_id": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64", "product_identification_helper": { "purl": "pkg:oci/gitsign-rhel9@sha256%3Acb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755460491" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64" }, "product_reference": "registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 
1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64" }, "product_reference": "registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64" }, "product_reference": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. 
This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64" ], "known_not_affected": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { 
"category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-25T09:25:17+00:00", "details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the [Sigstore project](https://sigstore.dev/). Platform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain. For details on using the operator, refer to [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1). 
You can find the release notes for this version of Red Hat Trusted Artifact Signer [here](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index).", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:14473" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:1c2201d50469d70ec6e21546c7c74bd52251d420dc1dcfa5375c1cf61dd3a9fd_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:10677
Vulnerability from csaf_redhat
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for golang is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:10677", "url": "https://access.redhat.com/errata/RHSA-2025:10677" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2373305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10677.json" } ], "title": "Red Hat Security Advisory: golang security update", "tracking": { "current_release_date": "2025-10-20T17:31:37+00:00", "generator": { "date": "2025-10-20T17:31:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:10677", "initial_release_date": "2025-07-09T00:55:31+00:00", "revision_history": [ { "date": "2025-07-09T00:55:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-07-09T00:55:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 10)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 
10)", "product_id": "AppStream-10.0.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:10.0" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "go-toolset-0:1.24.4-1.el10_0.aarch64", "product": { "name": "go-toolset-0:1.24.4-1.el10_0.aarch64", "product_id": "go-toolset-0:1.24.4-1.el10_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el10_0?arch=aarch64" } } }, { "category": "product_version", "name": "golang-0:1.24.4-1.el10_0.aarch64", "product": { "name": "golang-0:1.24.4-1.el10_0.aarch64", "product_id": "golang-0:1.24.4-1.el10_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=aarch64" } } }, { "category": "product_version", "name": "golang-bin-0:1.24.4-1.el10_0.aarch64", "product": { "name": "golang-bin-0:1.24.4-1.el10_0.aarch64", "product_id": "golang-bin-0:1.24.4-1.el10_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el10_0?arch=aarch64" } } }, { "category": "product_version", "name": "golang-race-0:1.24.4-1.el10_0.aarch64", "product": { "name": "golang-race-0:1.24.4-1.el10_0.aarch64", "product_id": "golang-race-0:1.24.4-1.el10_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el10_0?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "go-toolset-0:1.24.4-1.el10_0.ppc64le", "product": { "name": "go-toolset-0:1.24.4-1.el10_0.ppc64le", "product_id": "go-toolset-0:1.24.4-1.el10_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el10_0?arch=ppc64le" } } }, { "category": "product_version", "name": "golang-0:1.24.4-1.el10_0.ppc64le", "product": { "name": "golang-0:1.24.4-1.el10_0.ppc64le", "product_id": "golang-0:1.24.4-1.el10_0.ppc64le", "product_identification_helper": 
{ "purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=ppc64le" } } }, { "category": "product_version", "name": "golang-bin-0:1.24.4-1.el10_0.ppc64le", "product": { "name": "golang-bin-0:1.24.4-1.el10_0.ppc64le", "product_id": "golang-bin-0:1.24.4-1.el10_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el10_0?arch=ppc64le" } } }, { "category": "product_version", "name": "golang-race-0:1.24.4-1.el10_0.ppc64le", "product": { "name": "golang-race-0:1.24.4-1.el10_0.ppc64le", "product_id": "golang-race-0:1.24.4-1.el10_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el10_0?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "go-toolset-0:1.24.4-1.el10_0.x86_64", "product": { "name": "go-toolset-0:1.24.4-1.el10_0.x86_64", "product_id": "go-toolset-0:1.24.4-1.el10_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el10_0?arch=x86_64" } } }, { "category": "product_version", "name": "golang-0:1.24.4-1.el10_0.x86_64", "product": { "name": "golang-0:1.24.4-1.el10_0.x86_64", "product_id": "golang-0:1.24.4-1.el10_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=x86_64" } } }, { "category": "product_version", "name": "golang-bin-0:1.24.4-1.el10_0.x86_64", "product": { "name": "golang-bin-0:1.24.4-1.el10_0.x86_64", "product_id": "golang-bin-0:1.24.4-1.el10_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el10_0?arch=x86_64" } } }, { "category": "product_version", "name": "golang-race-0:1.24.4-1.el10_0.x86_64", "product": { "name": "golang-race-0:1.24.4-1.el10_0.x86_64", "product_id": "golang-race-0:1.24.4-1.el10_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el10_0?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { 
"category": "product_version", "name": "go-toolset-0:1.24.4-1.el10_0.s390x", "product": { "name": "go-toolset-0:1.24.4-1.el10_0.s390x", "product_id": "go-toolset-0:1.24.4-1.el10_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el10_0?arch=s390x" } } }, { "category": "product_version", "name": "golang-0:1.24.4-1.el10_0.s390x", "product": { "name": "golang-0:1.24.4-1.el10_0.s390x", "product_id": "golang-0:1.24.4-1.el10_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=s390x" } } }, { "category": "product_version", "name": "golang-bin-0:1.24.4-1.el10_0.s390x", "product": { "name": "golang-bin-0:1.24.4-1.el10_0.s390x", "product_id": "golang-bin-0:1.24.4-1.el10_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el10_0?arch=s390x" } } }, { "category": "product_version", "name": "golang-race-0:1.24.4-1.el10_0.s390x", "product": { "name": "golang-race-0:1.24.4-1.el10_0.s390x", "product_id": "golang-race-0:1.24.4-1.el10_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el10_0?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "golang-0:1.24.4-1.el10_0.src", "product": { "name": "golang-0:1.24.4-1.el10_0.src", "product_id": "golang-0:1.24.4-1.el10_0.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "golang-docs-0:1.24.4-1.el10_0.noarch", "product": { "name": "golang-docs-0:1.24.4-1.el10_0.noarch", "product_id": "golang-docs-0:1.24.4-1.el10_0.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-docs@1.24.4-1.el10_0?arch=noarch" } } }, { "category": "product_version", "name": "golang-misc-0:1.24.4-1.el10_0.noarch", "product": { "name": 
"golang-misc-0:1.24.4-1.el10_0.noarch", "product_id": "golang-misc-0:1.24.4-1.el10_0.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-misc@1.24.4-1.el10_0?arch=noarch" } } }, { "category": "product_version", "name": "golang-src-0:1.24.4-1.el10_0.noarch", "product": { "name": "golang-src-0:1.24.4-1.el10_0.noarch", "product_id": "golang-src-0:1.24.4-1.el10_0.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-src@1.24.4-1.el10_0?arch=noarch" } } }, { "category": "product_version", "name": "golang-tests-0:1.24.4-1.el10_0.noarch", "product": { "name": "golang-tests-0:1.24.4-1.el10_0.noarch", "product_id": "golang-tests-0:1.24.4-1.el10_0.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-tests@1.24.4-1.el10_0?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "go-toolset-0:1.24.4-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64" }, "product_reference": "go-toolset-0:1.24.4-1.el10_0.aarch64", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "go-toolset-0:1.24.4-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le" }, "product_reference": "go-toolset-0:1.24.4-1.el10_0.ppc64le", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "go-toolset-0:1.24.4-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 
10)", "product_id": "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x" }, "product_reference": "go-toolset-0:1.24.4-1.el10_0.s390x", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "go-toolset-0:1.24.4-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64" }, "product_reference": "go-toolset-0:1.24.4-1.el10_0.x86_64", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64" }, "product_reference": "golang-0:1.24.4-1.el10_0.aarch64", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le" }, "product_reference": "golang-0:1.24.4-1.el10_0.ppc64le", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x" }, "product_reference": "golang-0:1.24.4-1.el10_0.s390x", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el10_0.src as a component of Red Hat Enterprise Linux AppStream (v. 
10)", "product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src" }, "product_reference": "golang-0:1.24.4-1.el10_0.src", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-0:1.24.4-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64" }, "product_reference": "golang-0:1.24.4-1.el10_0.x86_64", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-bin-0:1.24.4-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64" }, "product_reference": "golang-bin-0:1.24.4-1.el10_0.aarch64", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-bin-0:1.24.4-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le" }, "product_reference": "golang-bin-0:1.24.4-1.el10_0.ppc64le", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-bin-0:1.24.4-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x" }, "product_reference": "golang-bin-0:1.24.4-1.el10_0.s390x", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-bin-0:1.24.4-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 
10)", "product_id": "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64" }, "product_reference": "golang-bin-0:1.24.4-1.el10_0.x86_64", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-docs-0:1.24.4-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch" }, "product_reference": "golang-docs-0:1.24.4-1.el10_0.noarch", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-misc-0:1.24.4-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch" }, "product_reference": "golang-misc-0:1.24.4-1.el10_0.noarch", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-race-0:1.24.4-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64" }, "product_reference": "golang-race-0:1.24.4-1.el10_0.aarch64", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-race-0:1.24.4-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le" }, "product_reference": "golang-race-0:1.24.4-1.el10_0.ppc64le", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-race-0:1.24.4-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 
10)", "product_id": "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x" }, "product_reference": "golang-race-0:1.24.4-1.el10_0.s390x", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-race-0:1.24.4-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64" }, "product_reference": "golang-race-0:1.24.4-1.el10_0.x86_64", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-src-0:1.24.4-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch" }, "product_reference": "golang-src-0:1.24.4-1.el10_0.noarch", "relates_to_product_reference": "AppStream-10.0.Z" }, { "category": "default_component_of", "full_product_name": { "name": "golang-tests-0:1.24.4-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)", "product_id": "AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch" }, "product_reference": "golang-tests-0:1.24.4-1.el10_0.noarch", "relates_to_product_reference": "AppStream-10.0.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-4673", "discovery_date": "2025-06-18T06:34:57.662025+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2373305" } ], "notes": [ { "category": "description", "text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. 
This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.", "title": "Vulnerability description" }, { "category": "summary", "text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http", "title": "Vulnerability summary" }, { "category": "other", "text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch", 
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-4673" }, { "category": "external", "summary": "RHBZ#2373305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673" }, { "category": "external", "summary": "https://go.dev/cl/679257", "url": "https://go.dev/cl/679257" }, { "category": "external", "summary": "https://go.dev/issue/73816", "url": "https://go.dev/issue/73816" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3751", "url": "https://pkg.go.dev/vuln/GO-2025-3751" } ], "release_date": "2025-06-11T16:42:53.054000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-07-09T00:55:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64", 
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:10677" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64", 
"AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch", 
"AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http" }, { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. 
Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-07-09T00:55:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64", 
"AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:10677" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src", "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x", "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64", "AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch", "AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
rhsa-2025:14484
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The 1.2.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details see [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1).", "title": "Topic" }, { "category": "general", "text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:14484", "url": "https://access.redhat.com/errata/RHSA-2025:14484" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2025-22874", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/", "url": "https://access.redhat.com/security/updates/classification/" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14484.json" } ], "title": "Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release", "tracking": { "current_release_date": "2025-10-20T17:31:41+00:00", "generator": { "date": "2025-10-20T17:31:41+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2025:14484", "initial_release_date": "2025-08-25T09:54:09+00:00", "revision_history": [ { "date": "2025-08-25T09:54:09+00:00", "number": "1", "summary": "Initial version" }, { "date": 
"2025-08-25T09:54:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-20T17:31:41+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Trusted Artifact Signer 1.2", "product": { "name": "Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9" } } } ], "category": "product_family", "name": "Red Hat Trusted Artifact Signer" }, { "branches": [ { "category": "product_version", "name": "registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64", "product": { "name": "registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64", "product_id": "registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64", "product_identification_helper": { "purl": "pkg:oci/rhtas-operator-bundle@sha256%3A7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755470189" } } }, { "category": "product_version", "name": "registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64", "product": { "name": "registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64", "product_id": "registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64", "product_identification_helper": { "purl": 
"pkg:oci/rhtas-rhel9-operator@sha256%3A01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.2.1-1755467240" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64" }, "product_reference": "registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" }, { "category": "default_component_of", "full_product_name": { "name": "registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64 as a component of Red Hat Trusted Artifact Signer 1.2", "product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64" }, "product_reference": "registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64", "relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2025-06-11T17:00:48.521459+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "Red Hat Trusted Artifact Signer 
1.2:registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2372320" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.", "title": "Vulnerability description" }, { "category": "summary", "text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. 
Confidentiality and availability are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64" ], "known_not_affected": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "RHBZ#2372320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "category": "external", "summary": "https://go.dev/cl/670375", "url": "https://go.dev/cl/670375" }, { "category": "external", "summary": "https://go.dev/issue/73612", "url": "https://go.dev/issue/73612" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3749", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "release_date": "2025-06-11T16:42:52.856000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-08-25T09:54:09+00:00", "details": "Red Hat Trusted Artifact Signer simplifies cryptographic 
signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the [Sigstore project](https://sigstore.dev/). Platform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain. For details on using the operator, refer to [product documentation](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1). You can find the release notes for this version of Red Hat Trusted Artifact Signer [here](https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index).", "product_ids": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:14484" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rhtas-operator-bundle@sha256:7c4e739622f68cd924afcb41cc788cdadc34c725283a097e564d620f39637bac_amd64", "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rhtas-rhel9-operator@sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
fkie_cve-2025-22874
Vulnerability from fkie_nvd
{ "cveTags": [], "descriptions": [ { "lang": "en", "value": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon." }, { "lang": "es", "value": "Al llamar a Verify con un VerifyOptions.KeyUsages que contiene ExtKeyUsageAny, se deshabilit\u00f3 involuntariamente la validaci\u00f3n de pol\u00edticas. Esto solo afect\u00f3 a las cadenas de certificados que contienen gr\u00e1ficos de pol\u00edticas, lo cual es poco com\u00fan." } ], "id": "CVE-2025-22874", "lastModified": "2025-06-12T16:06:20.180", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2025-06-11T17:15:42.167", "references": [ { "source": "security@golang.org", "url": "https://go.dev/cl/670375" }, { "source": "security@golang.org", "url": "https://go.dev/issue/73612" }, { "source": "security@golang.org", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "source": "security@golang.org", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "sourceIdentifier": "security@golang.org", "vulnStatus": "Awaiting Analysis" }
CERTFR-2025-AVI-0622
Vulnerability from certfr_avis
Multiple vulnerabilities have been discovered in VMware products. Some of them allow an attacker to cause remote arbitrary code execution, privilege escalation and remote denial of service.
Solutions
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
Vendor | Product | Description
---|---|---
VMware | Tanzu Platform | Tanzu Platform versions 4.0.x prior to 4.0.38+LTS-T for Cloud Foundry Windows
VMware | Tanzu Platform | Tanzu Platform versions 10.0.x prior to 10.0.8 for Cloud Foundry Windows
VMware | N/A | Stemcells without the latest security patch
VMware | Tanzu Platform | Tanzu Platform versions 4.0.x prior to 4.0.38+LTS-T for Cloud Foundry
VMware | Tanzu Platform | Tanzu Platform versions 6.0.x prior to 6.0.18+LTS-T for Cloud Foundry Windows
VMware | Tanzu | Anti-Virus without the latest security patch for Tanzu version 2.4.0
VMware | Tanzu | Scheduler without the latest security patch for Tanzu version 2.0.19
VMware | Tanzu Platform | Tanzu Platform versions 6.0.x prior to 6.0.18+LTS-T for Cloud Foundry
VMware | Tanzu Platform | GenAI without the latest security patch for Tanzu Platform for Cloud Foundry version 10.2.1
VMware | Tanzu Application Service | Tanzu Application Service versions prior to 1.16.11
VMware | Tanzu Platform | Tanzu Platform versions 10.2.x prior to 10.2.1+LTS-T for Cloud Foundry isolation segment
VMware | Tanzu Platform | Tanzu Platform versions 10.0.x prior to 10.0.8 for Cloud Foundry isolation segment
VMware | Tanzu | Spring Cloud Services without the latest security patch for Tanzu version 3.3.8
VMware | Tanzu Platform | Tanzu Platform versions 10.0.x prior to 10.0.8 for Cloud Foundry
VMware | Tanzu Platform | Tanzu Platform versions 4.0.x prior to 4.0.38+LTS-T for Cloud Foundry isolation segment
VMware | Tanzu | Spring Cloud Data Flow without the latest security patch for Tanzu version 1.14.7
VMware | Tanzu Platform | Tanzu Platform versions 6.0.x prior to 6.0.18+LTS-T for Cloud Foundry isolation segment
VMware | Tanzu Platform | Tanzu Platform versions 10.2.x prior to 10.2.1+LTS-T for Cloud Foundry
VMware | Tanzu Application Service | Single Sign-On without the latest security patch for Tanzu Application Service version 1.16.11
VMware | Tanzu | File Integrity Monitoring without the latest security patch for Tanzu version 2.1.47
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry Windows", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry Windows", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Stemcells sans le dernier correctif de s\u00e9curit\u00e9", "product": { "name": "N/A", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry Windows", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Anti-Virus sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.4.0", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Scheduler sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.0.19", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "GenAI sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Platform pour Cloud Foundry version 10.2.1", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.11", "product": { "name": "Tanzu Application Service", "vendor": { "name": "VMware", 
"scada": false } } }, { "description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry isolation segment", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry isolation segment", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Spring Cloud Services sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 3.3.8", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry isolation segment", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Spring Cloud Data Flow sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 1.14.7", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry isolation segment", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Single Sign-On sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Application Service version 1.16.11", "product": { "name": "Tanzu Application Service", "vendor": { "name": "VMware", "scada": false } } }, { "description": "File Integrity Monitoring sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu 
version 2.1.47", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } } ], "affected_systems_content": "", "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).", "cves": [ { "name": "CVE-2020-8908", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8908" }, { "name": "CVE-2022-3602", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3602" }, { "name": "CVE-2022-30633", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633" }, { "name": "CVE-2022-1705", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705" }, { "name": "CVE-2022-27664", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664" }, { "name": "CVE-2022-28131", "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131" }, { "name": "CVE-2022-32148", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148" }, { "name": "CVE-2022-32189", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189" }, { "name": "CVE-2022-1962", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962" }, { "name": "CVE-2022-30635", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635" }, { "name": "CVE-2022-32149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149" }, { "name": "CVE-2022-30631", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631" }, { "name": "CVE-2022-30632", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632" }, { "name": "CVE-2022-30630", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630" }, { "name": "CVE-2022-3786", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3786" }, { "name": "CVE-2022-29526", "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526" }, { "name": "CVE-2022-32205", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205" }, { "name": "CVE-2022-32206", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206" }, { "name": "CVE-2022-3996", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3996" }, { "name": 
"CVE-2022-24921", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921" }, { "name": "CVE-2022-1434", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1434" }, { "name": "CVE-2022-1292", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292" }, { "name": "CVE-2022-1343", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1343" }, { "name": "CVE-2022-1473", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473" }, { "name": "CVE-2022-27774", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774" }, { "name": "CVE-2022-27775", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775" }, { "name": "CVE-2022-22576", "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576" }, { "name": "CVE-2022-27776", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776" }, { "name": "CVE-2022-2068", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068" }, { "name": "CVE-2022-27191", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27191" }, { "name": "CVE-2022-2097", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2097" }, { "name": "CVE-2022-25647", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25647" }, { "name": "CVE-2022-28327", "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327" }, { "name": "CVE-2022-24675", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675" }, { "name": "CVE-2022-27782", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782" }, { "name": "CVE-2022-32208", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208" }, { "name": "CVE-2022-27781", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781" }, { "name": "CVE-2022-32207", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207" }, { "name": "CVE-2022-3358", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3358" }, { "name": "CVE-2022-1271", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271" }, { "name": "CVE-2022-32221", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221" }, { "name": "CVE-2022-42916", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916" }, { 
"name": "CVE-2022-35252", "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252" }, { "name": "CVE-2022-42915", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915" }, { "name": "CVE-2022-43551", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551" }, { "name": "CVE-2022-43552", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552" }, { "name": "CVE-2022-4304", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304" }, { "name": "CVE-2022-4203", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4203" }, { "name": "CVE-2023-0286", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286" }, { "name": "CVE-2023-0401", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401" }, { "name": "CVE-2023-0215", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215" }, { "name": "CVE-2023-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217" }, { "name": "CVE-2023-0216", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216" }, { "name": "CVE-2022-4450", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450" }, { "name": "CVE-2023-23915", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915" }, { "name": "CVE-2023-23914", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914" }, { "name": "CVE-2023-23916", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916" }, { "name": "CVE-2022-41717", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717" }, { "name": "CVE-2023-0464", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464" }, { "name": "CVE-2022-2879", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879" }, { "name": "CVE-2022-41715", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715" }, { "name": "CVE-2022-2880", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880" }, { "name": "CVE-2022-41716", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716" }, { "name": "CVE-2023-0466", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466" }, { "name": "CVE-2023-0465", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465" }, { 
"name": "CVE-2022-30629", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629" }, { "name": "CVE-2022-41723", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723" }, { "name": "CVE-2022-41722", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41722" }, { "name": "CVE-2022-30580", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580" }, { "name": "CVE-2022-41720", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41720" }, { "name": "CVE-2022-41725", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725" }, { "name": "CVE-2022-41724", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724" }, { "name": "CVE-2023-24532", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532" }, { "name": "CVE-2023-24537", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537" }, { "name": "CVE-2023-2650", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650" }, { "name": "CVE-2022-30634", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30634" }, { "name": "CVE-2023-27533", "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533" }, { "name": "CVE-2023-27534", "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534" }, { "name": "CVE-2022-27780", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780" }, { "name": "CVE-2022-29804", "url": "https://www.cve.org/CVERecord?id=CVE-2022-29804" }, { "name": "CVE-2023-24536", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536" }, { "name": "CVE-2023-24538", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538" }, { "name": "CVE-2023-1255", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255" }, { "name": "CVE-2023-28322", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322" }, { "name": "CVE-2023-28320", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320" }, { "name": "CVE-2023-28321", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321" }, { "name": "CVE-2023-24540", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540" }, { "name": "CVE-2023-29400", "url": 
"https://www.cve.org/CVERecord?id=CVE-2023-29400" }, { "name": "CVE-2023-24539", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539" }, { "name": "CVE-2023-2975", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2975" }, { "name": "CVE-2023-3446", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446" }, { "name": "CVE-2023-28319", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28319" }, { "name": "CVE-2023-3817", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817" }, { "name": "CVE-2023-29404", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404" }, { "name": "CVE-2023-29402", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402" }, { "name": "CVE-2023-29403", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403" }, { "name": "CVE-2023-29405", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405" }, { "name": "CVE-2023-2976", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976" }, { "name": "CVE-2023-29409", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409" }, { "name": "CVE-2023-29406", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406" }, { "name": "CVE-2023-40403", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40403" }, { "name": "CVE-2023-44487", "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487" }, { "name": "CVE-2023-33201", "url": "https://www.cve.org/CVERecord?id=CVE-2023-33201" }, { "name": "CVE-2016-1000027", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027" }, { "name": "CVE-2023-5363", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363" }, { "name": "CVE-2023-4807", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807" }, { "name": "CVE-2023-5678", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678" }, { "name": "CVE-2023-40217", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40217" }, { "name": "CVE-2022-0563", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0563" }, { "name": "CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "name": 
"CVE-2023-6237", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237" }, { "name": "CVE-2023-39323", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323" }, { "name": "CVE-2023-36617", "url": "https://www.cve.org/CVERecord?id=CVE-2023-36617" }, { "name": "CVE-2022-23471", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471" }, { "name": "CVE-2023-25153", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153" }, { "name": "CVE-2023-24534", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534" }, { "name": "CVE-2023-6129", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129" }, { "name": "CVE-2023-46218", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218" }, { "name": "CVE-2023-39318", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318" }, { "name": "CVE-2023-39319", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319" }, { "name": "CVE-2024-0727", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727" }, { "name": "CVE-2023-39325", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325" }, { "name": "CVE-2023-25173", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173" }, { "name": "CVE-2022-31030", "url": "https://www.cve.org/CVERecord?id=CVE-2022-31030" }, { "name": "CVE-2023-27043", "url": "https://www.cve.org/CVERecord?id=CVE-2023-27043" }, { "name": "CVE-2023-36632", "url": "https://www.cve.org/CVERecord?id=CVE-2023-36632" }, { "name": "CVE-2024-28085", "url": "https://www.cve.org/CVERecord?id=CVE-2024-28085" }, { "name": "CVE-2024-2511", "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511" }, { "name": "CVE-2020-22916", "url": "https://www.cve.org/CVERecord?id=CVE-2020-22916" }, { "name": "CVE-2023-3978", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3978" }, { "name": "CVE-2023-2253", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2253" }, { "name": "CVE-2024-25710", "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710" }, { "name": "CVE-2024-26308", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26308" 
}, { "name": "CVE-2023-6597", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6597" }, { "name": "CVE-2024-21011", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21011" }, { "name": "CVE-2024-21094", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21094" }, { "name": "CVE-2024-21068", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21068" }, { "name": "CVE-2024-21085", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21085" }, { "name": "CVE-2024-21012", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21012" }, { "name": "CVE-2023-28841", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28841" }, { "name": "CVE-2023-28842", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28842" }, { "name": "CVE-2023-39326", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326" }, { "name": "CVE-2023-45283", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45283" }, { "name": "CVE-2023-28840", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28840" }, { "name": "CVE-2023-45285", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45285" }, { "name": "CVE-2023-45284", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45284" }, { "name": "CVE-2023-45288", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288" }, { "name": "CVE-2024-4603", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603" }, { "name": "CVE-2023-6378", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378" }, { "name": "CVE-2023-45289", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45289" }, { "name": "CVE-2023-45290", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45290" }, { "name": "CVE-2024-24783", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24783" }, { "name": "CVE-2024-24784", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24784" }, { "name": "CVE-2024-24785", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24785" }, { "name": "CVE-2024-4741", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" }, { "name": "CVE-2024-35255", "url": 
"https://www.cve.org/CVERecord?id=CVE-2024-35255" }, { "name": "CVE-2024-24557", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24557" }, { "name": "CVE-2024-24786", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786" }, { "name": "CVE-2024-28180", "url": "https://www.cve.org/CVERecord?id=CVE-2024-28180" }, { "name": "CVE-2024-29857", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857" }, { "name": "CVE-2024-30171", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171" }, { "name": "CVE-2024-30172", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172" }, { "name": "CVE-2024-5535", "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" }, { "name": "CVE-2024-2398", "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398" }, { "name": "CVE-2024-0397", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0397" }, { "name": "CVE-2024-4030", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4030" }, { "name": "CVE-2024-4032", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4032" }, { "name": "CVE-2024-0450", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0450" }, { "name": "CVE-2024-36945", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945" }, { "name": "CVE-2024-21131", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21131" }, { "name": "CVE-2024-21138", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21138" }, { "name": "CVE-2024-21140", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21140" }, { "name": "CVE-2024-21144", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21144" }, { "name": "CVE-2024-21145", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21145" }, { "name": "CVE-2024-21147", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21147" }, { "name": "CVE-2023-28756", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28756" }, { "name": "CVE-2024-6923", "url": "https://www.cve.org/CVERecord?id=CVE-2024-6923" }, { "name": "CVE-2024-3219", "url": "https://www.cve.org/CVERecord?id=CVE-2024-3219" }, { "name": 
"CVE-2023-45287", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287" }, { "name": "CVE-2024-24787", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24787" }, { "name": "CVE-2024-42230", "url": "https://www.cve.org/CVERecord?id=CVE-2024-42230" }, { "name": "CVE-2024-6232", "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232" }, { "name": "CVE-2024-6119", "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119" }, { "name": "CVE-2022-24769", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24769" }, { "name": "CVE-2024-41110", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41110" }, { "name": "CVE-2024-38816", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816" }, { "name": "CVE-2024-7264", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264" }, { "name": "CVE-2024-8096", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8096" }, { "name": "CVE-2024-46812", "url": "https://www.cve.org/CVERecord?id=CVE-2024-46812" }, { "name": "CVE-2024-46821", "url": "https://www.cve.org/CVERecord?id=CVE-2024-46821" }, { "name": "CVE-2024-24789", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789" }, { "name": "CVE-2024-34155", "url": "https://www.cve.org/CVERecord?id=CVE-2024-34155" }, { "name": "CVE-2024-34156", "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156" }, { "name": "CVE-2024-34158", "url": "https://www.cve.org/CVERecord?id=CVE-2024-34158" }, { "name": "CVE-2024-46753", "url": "https://www.cve.org/CVERecord?id=CVE-2024-46753" }, { "name": "CVE-2024-46787", "url": "https://www.cve.org/CVERecord?id=CVE-2024-46787" }, { "name": "CVE-2024-24790", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790" }, { "name": "CVE-2024-21208", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21208" }, { "name": "CVE-2024-21210", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21210" }, { "name": "CVE-2024-21217", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21217" }, { "name": "CVE-2024-21235", "url": 
"https://www.cve.org/CVERecord?id=CVE-2024-21235" }, { "name": "CVE-2024-9143", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143" }, { "name": "CVE-2024-38819", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38819" }, { "name": "CVE-2024-38820", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38820" }, { "name": "CVE-2024-34447", "url": "https://www.cve.org/CVERecord?id=CVE-2024-34447" }, { "name": "CVE-2024-7592", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7592" }, { "name": "CVE-2024-8088", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8088" }, { "name": "CVE-2024-9681", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681" }, { "name": "CVE-2024-11168", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168" }, { "name": "CVE-2024-38828", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38828" }, { "name": "CVE-2024-50047", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50047" }, { "name": "CVE-2024-11053", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11053" }, { "name": "CVE-2024-47554", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47554" }, { "name": "CVE-2024-53051", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53051" }, { "name": "CVE-2024-0406", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0406" }, { "name": "CVE-2024-53144", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53144" }, { "name": "CVE-2024-8805", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8805" }, { "name": "CVE-2025-21502", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21502" }, { "name": "CVE-2024-27282", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27282" }, { "name": "CVE-2025-0938", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938" }, { "name": "CVE-2024-56664", "url": "https://www.cve.org/CVERecord?id=CVE-2024-56664" }, { "name": "CVE-2025-0167", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167" }, { "name": "CVE-2025-0725", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0725" }, { "name": "CVE-2024-50602", 
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602" }, { "name": "CVE-2024-13176", "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176" }, { "name": "CVE-2025-1795", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1795" }, { "name": "CVE-2024-51744", "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744" }, { "name": "CVE-2024-24791", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24791" }, { "name": "CVE-2025-22228", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22228" }, { "name": "CVE-2023-24531", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24531" }, { "name": "CVE-2024-45336", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45336" }, { "name": "CVE-2024-45337", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337" }, { "name": "CVE-2024-45341", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45341" }, { "name": "CVE-2025-22866", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22866" }, { "name": "CVE-2025-22870", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870" }, { "name": "CVE-2024-56171", "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171" }, { "name": "CVE-2025-27113", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27113" }, { "name": "CVE-2020-36843", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36843" }, { "name": "CVE-2025-21587", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21587" }, { "name": "CVE-2025-30691", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30691" }, { "name": "CVE-2025-30698", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30698" }, { "name": "CVE-2025-24928", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928" }, { "name": "CVE-2025-21941", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21941" }, { "name": "CVE-2025-21956", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21956" }, { "name": "CVE-2025-21957", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21957" }, { "name": "CVE-2025-21959", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21959" }, { 
"name": "CVE-2025-21962", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21962" }, { "name": "CVE-2025-21963", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21963" }, { "name": "CVE-2025-21964", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21964" }, { "name": "CVE-2025-21968", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21968" }, { "name": "CVE-2025-21970", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21970" }, { "name": "CVE-2025-21975", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21975" }, { "name": "CVE-2025-21981", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21981" }, { "name": "CVE-2025-21991", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21991" }, { "name": "CVE-2025-21992", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21992" }, { "name": "CVE-2025-21994", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21994" }, { "name": "CVE-2025-21996", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21996" }, { "name": "CVE-2025-21999", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21999" }, { "name": "CVE-2025-22004", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22004" }, { "name": "CVE-2025-22005", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22005" }, { "name": "CVE-2025-22007", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22007" }, { "name": "CVE-2025-22008", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22008" }, { "name": "CVE-2025-22010", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22010" }, { "name": "CVE-2025-22014", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22014" }, { "name": "CVE-2020-15250", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15250" }, { "name": "CVE-2024-12798", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12798" }, { "name": "CVE-2024-12801", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12801" }, { "name": "CVE-2024-29018", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29018" }, { "name": "CVE-2025-21613", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-21613" }, { "name": "CVE-2025-21614", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21614" }, { "name": "CVE-2025-22868", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868" }, { "name": "CVE-2025-22871", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871" }, { "name": "CVE-2025-22235", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22235" }, { "name": "CVE-2025-2312", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2312" }, { "name": "CVE-2025-31650", "url": "https://www.cve.org/CVERecord?id=CVE-2025-31650" }, { "name": "CVE-2025-31651", "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651" }, { "name": "CVE-2025-30204", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204" }, { "name": "CVE-2023-53034", "url": "https://www.cve.org/CVERecord?id=CVE-2023-53034" }, { "name": "CVE-2025-22025", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22025" }, { "name": "CVE-2025-22035", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22035" }, { "name": "CVE-2025-22044", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22044" }, { "name": "CVE-2025-22045", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22045" }, { "name": "CVE-2025-22050", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22050" }, { "name": "CVE-2025-22054", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22054" }, { "name": "CVE-2025-22055", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22055" }, { "name": "CVE-2025-22056", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22056" }, { "name": "CVE-2025-22060", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22060" }, { "name": "CVE-2025-22063", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22063" }, { "name": "CVE-2025-22066", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22066" }, { "name": "CVE-2025-22071", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22071" }, { "name": "CVE-2025-22073", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22073" }, { "name": 
"CVE-2025-22075", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22075" }, { "name": "CVE-2025-22079", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22079" }, { "name": "CVE-2025-22081", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22081" }, { "name": "CVE-2025-22086", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22086" }, { "name": "CVE-2025-22089", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22089" }, { "name": "CVE-2025-22097", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22097" }, { "name": "CVE-2025-23136", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23136" }, { "name": "CVE-2025-23138", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23138" }, { "name": "CVE-2025-37785", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37785" }, { "name": "CVE-2025-38152", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38152" }, { "name": "CVE-2025-38575", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38575" }, { "name": "CVE-2025-38637", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38637" }, { "name": "CVE-2025-39728", "url": "https://www.cve.org/CVERecord?id=CVE-2025-39728" }, { "name": "CVE-2025-39735", "url": "https://www.cve.org/CVERecord?id=CVE-2025-39735" }, { "name": "CVE-2025-4516", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4516" }, { "name": "CVE-2025-22233", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233" }, { "name": "CVE-2024-9287", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287" }, { "name": "CVE-2025-4575", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4575" }, { "name": "CVE-2022-49728", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49728" }, { "name": "CVE-2024-58093", "url": "https://www.cve.org/CVERecord?id=CVE-2024-58093" }, { "name": "CVE-2025-22018", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22018" }, { "name": "CVE-2025-22020", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22020" }, { "name": "CVE-2025-37798", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-37798" }, { "name": "CVE-2025-22869", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869" }, { "name": "CVE-2025-46701", "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701" }, { "name": "CVE-2025-22021", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22021" }, { "name": "CVE-2025-37889", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37889" }, { "name": "CVE-2025-37937", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37937" }, { "name": "CVE-2025-37890", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37890" }, { "name": "CVE-2025-37932", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37932" }, { "name": "CVE-2025-4517", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4517" }, { "name": "CVE-2025-4330", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4330" }, { "name": "CVE-2025-4138", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4138" }, { "name": "CVE-2024-12718", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12718" }, { "name": "CVE-2025-4435", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4435" }, { "name": "CVE-2025-41234", "url": "https://www.cve.org/CVERecord?id=CVE-2025-41234" }, { "name": "CVE-2025-49146", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49146" }, { "name": "CVE-2025-27219", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27219" }, { "name": "CVE-2025-27220", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27220" }, { "name": "CVE-2025-48976", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48976" }, { "name": "CVE-2025-48988", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48988" }, { "name": "CVE-2025-49124", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49124" }, { "name": "CVE-2025-49125", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49125" }, { "name": "CVE-2024-53427", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53427" }, { "name": "CVE-2025-22872", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872" }, { "name": 
"CVE-2025-6020", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020" }, { "name": "CVE-2022-49636", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49636" }, { "name": "CVE-2025-37997", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37997" }, { "name": "CVE-2025-38000", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38000" }, { "name": "CVE-2025-38001", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38001" }, { "name": "CVE-2022-21698", "url": "https://www.cve.org/CVERecord?id=CVE-2022-21698" }, { "name": "CVE-2025-32462", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32462" }, { "name": "CVE-2025-52434", "url": "https://www.cve.org/CVERecord?id=CVE-2025-52434" }, { "name": "CVE-2025-53506", "url": "https://www.cve.org/CVERecord?id=CVE-2025-53506" }, { "name": "CVE-2024-47081", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47081" }, { "name": "CVE-2025-30749", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749" }, { "name": "CVE-2025-30754", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754" }, { "name": "CVE-2025-30761", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30761" }, { "name": "CVE-2025-50059", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059" }, { "name": "CVE-2025-50106", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106" }, { "name": "CVE-2025-48734", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48734" }, { "name": "CVE-2021-3995", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3995" }, { "name": "CVE-2021-3996", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3996" }, { "name": "CVE-2022-28948", "url": "https://www.cve.org/CVERecord?id=CVE-2022-28948" }, { "name": "CVE-2022-29173", "url": "https://www.cve.org/CVERecord?id=CVE-2022-29173" }, { "name": "CVE-2022-35929", "url": "https://www.cve.org/CVERecord?id=CVE-2022-35929" }, { "name": "CVE-2022-36056", "url": "https://www.cve.org/CVERecord?id=CVE-2022-36056" }, { "name": "CVE-2022-36109", "url": 
"https://www.cve.org/CVERecord?id=CVE-2022-36109" }, { "name": "CVE-2023-28755", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28755" }, { "name": "CVE-2023-30551", "url": "https://www.cve.org/CVERecord?id=CVE-2023-30551" }, { "name": "CVE-2023-33199", "url": "https://www.cve.org/CVERecord?id=CVE-2023-33199" }, { "name": "CVE-2023-33202", "url": "https://www.cve.org/CVERecord?id=CVE-2023-33202" }, { "name": "CVE-2023-46737", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46737" }, { "name": "CVE-2024-23337", "url": "https://www.cve.org/CVERecord?id=CVE-2024-23337" }, { "name": "CVE-2024-24579", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24579" }, { "name": "CVE-2024-29902", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29902" }, { "name": "CVE-2024-29903", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29903" }, { "name": "CVE-2024-40635", "url": "https://www.cve.org/CVERecord?id=CVE-2024-40635" }, { "name": "CVE-2024-41909", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41909" }, { "name": "CVE-2024-45339", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45339" }, { "name": "CVE-2024-47611", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47611" }, { "name": "CVE-2024-52587", "url": "https://www.cve.org/CVERecord?id=CVE-2024-52587" }, { "name": "CVE-2024-6104", "url": "https://www.cve.org/CVERecord?id=CVE-2024-6104" }, { "name": "CVE-2025-0913", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913" }, { "name": "CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "name": "CVE-2025-25186", "url": "https://www.cve.org/CVERecord?id=CVE-2025-25186" }, { "name": "CVE-2025-27221", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27221" }, { "name": "CVE-2025-29786", "url": "https://www.cve.org/CVERecord?id=CVE-2025-29786" }, { "name": "CVE-2025-32441", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32441" }, { "name": "CVE-2025-32955", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32955" }, { "name": 
"CVE-2025-32988", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988" }, { "name": "CVE-2025-32989", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989" }, { "name": "CVE-2025-32990", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990" }, { "name": "CVE-2025-3445", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3445" }, { "name": "CVE-2025-38177", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38177" }, { "name": "CVE-2025-46727", "url": "https://www.cve.org/CVERecord?id=CVE-2025-46727" }, { "name": "CVE-2025-4673", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673" }, { "name": "CVE-2025-47290", "url": "https://www.cve.org/CVERecord?id=CVE-2025-47290" }, { "name": "CVE-2025-48060", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48060" }, { "name": "CVE-2025-4877", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4877" }, { "name": "CVE-2025-4878", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4878" }, { "name": "CVE-2025-48924", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924" }, { "name": "CVE-2025-49014", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49014" }, { "name": "CVE-2025-4949", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4949" }, { "name": "CVE-2025-50181", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50181" }, { "name": "CVE-2025-5318", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5318" }, { "name": "CVE-2025-5372", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5372" }, { "name": "CVE-2025-5914", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5914" }, { "name": "CVE-2025-5915", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5915" }, { "name": "CVE-2025-5916", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5916" }, { "name": "CVE-2025-5917", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5917" }, { "name": "CVE-2025-6069", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069" }, { "name": "CVE-2025-6395", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395" } ], 
"initial_release_date": "2025-07-25T00:00:00", "last_revision_date": "2025-07-25T00:00:00", "links": [], "reference": "CERTFR-2025-AVI-0622", "revisions": [ { "description": "Version initiale", "revision_date": "2025-07-25T00:00:00.000000" } ], "risks": [ { "description": "D\u00e9ni de service \u00e0 distance" }, { "description": "Injection de code indirecte \u00e0 distance (XSS)" }, { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es" }, { "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)" }, { "description": "Contournement de la politique de s\u00e9curit\u00e9" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" }, { "description": "\u00c9l\u00e9vation de privil\u00e8ges" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.", "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware", "vendor_advisories": [ { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35981", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35981" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35967", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35967" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35980", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35980" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35974", "url": 
"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35974" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35979", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35979" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35984", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35984" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35970", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35970" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35983", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35983" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35978", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35978" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35968", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35968" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35973", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35973" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35976", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35976" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35969", "url": 
"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35969" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35966", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35966" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35972", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35972" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35977", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35977" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35982", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35982" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35971", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35971" }, { "published_at": "2025-07-24", "title": "Bulletin de s\u00e9curit\u00e9 VMware 35975", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35975" } ] }
CERTFR-2025-AVI-0661
Vulnerability from certfr_avis
Multiple vulnerabilities have been discovered in Splunk products. They allow an attacker to cause a security problem not specified by the vendor.
Solutions
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "AppDynamics Cluster Agent versions ant\u00e9rieures \u00e0 25.6.0", "product": { "name": "N/A", "vendor": { "name": "Splunk", "scada": false } } }, { "description": " AppDynamics On-Premise Enterprise Console versions ant\u00e9rieures \u00e0 25.4.0", "product": { "name": "N/A", "vendor": { "name": "Splunk", "scada": false } } } ], "affected_systems_content": "", "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).", "cves": [ { "name": "CVE-2025-30681", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30681" }, { "name": "CVE-2019-17267", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267" }, { "name": "CVE-2022-48564", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48564" }, { "name": "CVE-2021-21409", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21409" }, { "name": "CVE-2025-30689", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30689" }, { "name": "CVE-2025-30715", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30715" }, { "name": "CVE-2025-30682", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30682" }, { "name": "CVE-2025-21500", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21500" }, { "name": "CVE-2023-1370", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370" }, { "name": "CVE-2025-21503", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21503" }, { "name": "CVE-2025-21543", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21543" }, { "name": "CVE-2024-23944", "url": "https://www.cve.org/CVERecord?id=CVE-2024-23944" }, { "name": "CVE-2024-47601", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47601" }, { "name": "CVE-2025-21519", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21519" }, { "name": "CVE-2024-47544", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47544" }, { "name": "CVE-2025-0913", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-0913" }, { "name": "CVE-2024-47538", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47538" }, { "name": "CVE-2024-47545", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47545" }, { "name": "CVE-2023-45853", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853" }, { "name": "CVE-2022-38398", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38398" }, { "name": "CVE-2025-30703", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30703" }, { "name": "CVE-2025-21505", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21505" }, { "name": "CVE-2022-45061", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45061" }, { "name": "CVE-2024-4761", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4761" }, { "name": "CVE-2025-21501", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21501" }, { "name": "CVE-2024-47596", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47596" }, { "name": "CVE-2022-48285", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48285" }, { "name": "CVE-2019-9674", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9674" }, { "name": "CVE-2025-30696", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30696" }, { "name": "CVE-2025-24970", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970" }, { "name": "CVE-2020-10650", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10650" }, { "name": "CVE-2025-21584", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21584" }, { "name": "CVE-2022-0391", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0391" }, { "name": "CVE-2020-36189", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36189" }, { "name": "CVE-2019-20444", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20444" }, { "name": "CVE-2023-34462", "url": "https://www.cve.org/CVERecord?id=CVE-2023-34462" }, { "name": "CVE-2018-3824", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3824" }, { "name": "CVE-2024-7246", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7246" }, { "name": 
"CVE-2024-47602", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47602" }, { "name": "CVE-2021-20190", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20190" }, { "name": "CVE-2024-29857", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857" }, { "name": "CVE-2024-47541", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47541" }, { "name": "CVE-2024-47774", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47774" }, { "name": "CVE-2023-50186", "url": "https://www.cve.org/CVERecord?id=CVE-2023-50186" }, { "name": "CVE-2024-47599", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47599" }, { "name": "CVE-2024-47606", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47606" }, { "name": "CVE-2019-16335", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16335" }, { "name": "CVE-2024-47540", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47540" }, { "name": "CVE-2023-3635", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3635" }, { "name": "CVE-2023-0833", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0833" }, { "name": "CVE-2024-47542", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47542" }, { "name": "CVE-2024-45590", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45590" }, { "name": "CVE-2018-7489", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489" }, { "name": "CVE-2025-30683", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30683" }, { "name": "CVE-2025-30699", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30699" }, { "name": "CVE-2023-27043", "url": "https://www.cve.org/CVERecord?id=CVE-2023-27043" }, { "name": "CVE-2025-21531", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21531" }, { "name": "CVE-2023-35116", "url": "https://www.cve.org/CVERecord?id=CVE-2023-35116" }, { "name": "CVE-2025-21555", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21555" }, { "name": "CVE-2024-47546", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47546" }, { "name": "CVE-2024-47607", "url": 
"https://www.cve.org/CVERecord?id=CVE-2024-47607" }, { "name": "CVE-2021-37137", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37137" }, { "name": "CVE-2019-14439", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14439" }, { "name": "CVE-2025-21574", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21574" }, { "name": "CVE-2025-27888", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27888" }, { "name": "CVE-2024-47537", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47537" }, { "name": "CVE-2025-21580", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21580" }, { "name": "CVE-2024-52979", "url": "https://www.cve.org/CVERecord?id=CVE-2024-52979" }, { "name": "CVE-2025-21575", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21575" }, { "name": "CVE-2023-6992", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6992" }, { "name": "CVE-2025-21540", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21540" }, { "name": "CVE-2025-21577", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21577" }, { "name": "CVE-2024-47778", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47778" }, { "name": "CVE-2022-24823", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24823" }, { "name": "CVE-2024-5642", "url": "https://www.cve.org/CVERecord?id=CVE-2024-5642" }, { "name": "CVE-2021-37136", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37136" }, { "name": "CVE-2018-12022", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12022" }, { "name": "CVE-2018-5968", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5968" }, { "name": "CVE-2024-47777", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47777" }, { "name": "CVE-2025-30705", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30705" }, { "name": "CVE-2021-21295", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21295" }, { "name": "CVE-2021-4189", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4189" }, { "name": "CVE-2024-47543", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47543" }, { "name": 
"CVE-2019-16943", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943" }, { "name": "CVE-2024-47600", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47600" }, { "name": "CVE-2025-4802", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802" }, { "name": "CVE-2021-43797", "url": "https://www.cve.org/CVERecord?id=CVE-2021-43797" }, { "name": "CVE-2025-30684", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30684" }, { "name": "CVE-2017-7525", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525" }, { "name": "CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "name": "CVE-2025-21579", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21579" }, { "name": "CVE-2019-17531", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531" }, { "name": "CVE-2024-47535", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535" }, { "name": "CVE-2023-52428", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52428" }, { "name": "CVE-2025-21490", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21490" }, { "name": "CVE-2024-47835", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47835" }, { "name": "CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "name": "CVE-2024-47597", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47597" }, { "name": "CVE-2025-21520", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21520" }, { "name": "CVE-2024-47539", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47539" }, { "name": "CVE-2021-23413", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23413" }, { "name": "CVE-2023-6378", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378" }, { "name": "CVE-2022-4899", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4899" }, { "name": "CVE-2025-4673", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673" }, { "name": "CVE-2022-40146", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40146" }, { "name": "CVE-2025-30721", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-30721" }, { "name": "CVE-2022-42890", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42890" }, { "name": "CVE-2019-10172", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10172" }, { "name": "CVE-2025-21491", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21491" }, { "name": "CVE-2025-25193", "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193" }, { "name": "CVE-2020-36518", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36518" }, { "name": "CVE-2021-42550", "url": "https://www.cve.org/CVERecord?id=CVE-2021-42550" }, { "name": "CVE-2025-30687", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30687" }, { "name": "CVE-2024-47598", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47598" }, { "name": "CVE-2024-47603", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47603" }, { "name": "CVE-2022-38648", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38648" }, { "name": "CVE-2025-21529", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21529" }, { "name": "CVE-2025-21559", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21559" }, { "name": "CVE-2019-14540", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14540" }, { "name": "CVE-2025-21523", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21523" }, { "name": "CVE-2025-21518", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21518" }, { "name": "CVE-2025-30704", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30704" }, { "name": "CVE-2021-21290", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21290" }, { "name": "CVE-2024-47615", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47615" }, { "name": "CVE-2025-30693", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30693" }, { "name": "CVE-2025-21585", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21585" }, { "name": "CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "name": "CVE-2025-21497", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21497" }, { "name": 
"CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "name": "CVE-2024-47776", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47776" }, { "name": "CVE-2024-47834", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47834" }, { "name": "CVE-2024-47775", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47775" }, { "name": "CVE-2025-21581", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21581" }, { "name": "CVE-2025-30685", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30685" }, { "name": "CVE-2025-30695", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30695" }, { "name": "CVE-2025-30688", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30688" }, { "name": "CVE-2025-21522", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21522" }, { "name": "CVE-2019-16869", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16869" }, { "name": "CVE-2025-21546", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21546" }, { "name": "CVE-2024-51504", "url": "https://www.cve.org/CVERecord?id=CVE-2024-51504" }, { "name": "CVE-2022-41881", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41881" }, { "name": "CVE-2022-41704", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41704" }, { "name": "CVE-2019-14892", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14892" }, { "name": "CVE-2019-20445", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20445" } ], "initial_release_date": "2025-08-07T00:00:00", "last_revision_date": "2025-08-07T00:00:00", "links": [], "reference": "CERTFR-2025-AVI-0661", "revisions": [ { "description": "Version initiale", "revision_date": "2025-08-07T00:00:00.000000" } ], "risks": [ { "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. 
Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.", "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk", "vendor_advisories": [ { "published_at": "2025-08-06", "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0802", "url": "https://advisory.splunk.com/advisories/SVD-2025-0802" }, { "published_at": "2025-08-06", "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0801", "url": "https://advisory.splunk.com/advisories/SVD-2025-0801" } ] }
CERTFR-2025-AVI-0693
Vulnerability from certfr_avis
Multiple vulnerabilities have been discovered in VMware Tanzu. They allow an attacker to cause a security problem not specified by the vendor.
Solutions
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Tanzu pour Valkey versions 8.1.x ant\u00e9rieures \u00e0 8.1.3", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu pour Valkey versions 8.0.x ant\u00e9rieures \u00e0 8.0.4", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu pour Valkey versions ant\u00e9rieures \u00e0 3.0.0", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu pour Valkey versions 7.2.x ant\u00e9rieures \u00e0 7.2.10", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } } ], "affected_systems_content": "", "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).", "cves": [ { "name": "CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "name": "CVE-2019-12900", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900" }, { "name": "CVE-2021-3572", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3572" }, { "name": "CVE-2021-4136", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4136" }, { "name": "CVE-2021-4173", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4173" }, { "name": "CVE-2021-4187", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4187" }, { "name": "CVE-2021-4166", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4166" }, { "name": "CVE-2021-3968", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3968" }, { "name": "CVE-2021-3927", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3927" }, { "name": "CVE-2022-0213", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0213" }, { "name": "CVE-2021-3928", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3928" }, { "name": "CVE-2021-3974", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3974" }, { "name": 
"CVE-2022-0351", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0351" }, { "name": "CVE-2022-1725", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1725" }, { "name": "CVE-2022-2042", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2042" }, { "name": "CVE-2022-2126", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2126" }, { "name": "CVE-2022-1620", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1620" }, { "name": "CVE-2022-1619", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1619" }, { "name": "CVE-2022-1720", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1720" }, { "name": "CVE-2022-2124", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2124" }, { "name": "CVE-2022-1674", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1674" }, { "name": "CVE-2022-1616", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1616" }, { "name": "CVE-2022-2125", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2125" }, { "name": "CVE-2022-3705", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3705" }, { "name": "CVE-2023-0049", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0049" }, { "name": "CVE-2023-0051", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0051" }, { "name": "CVE-2023-0054", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0054" }, { "name": "CVE-2023-0433", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0433" }, { "name": "CVE-2023-0288", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0288" }, { "name": "CVE-2023-0512", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0512" }, { "name": "CVE-2022-3099", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3099" }, { "name": "CVE-2022-38533", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38533" }, { "name": "CVE-2022-3324", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3324" }, { "name": "CVE-2022-2345", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2345" }, { "name": "CVE-2022-3256", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3256" }, { "name": "CVE-2023-4734", 
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4734" }, { "name": "CVE-2023-4781", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4781" }, { "name": "CVE-2023-4735", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4735" }, { "name": "CVE-2023-4752", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4752" }, { "name": "CVE-2023-4751", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4751" }, { "name": "CVE-2023-4738", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4738" }, { "name": "CVE-2023-5344", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5344" }, { "name": "CVE-2021-3826", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3826" }, { "name": "CVE-2024-0397", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0397" }, { "name": "CVE-2023-46246", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46246" }, { "name": "CVE-2023-48231", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48231" }, { "name": "CVE-2023-48232", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48232" }, { "name": "CVE-2023-48233", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48233" }, { "name": "CVE-2023-48234", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48234" }, { "name": "CVE-2023-48235", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48235" }, { "name": "CVE-2023-48236", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48236" }, { "name": "CVE-2023-48237", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48237" }, { "name": "CVE-2023-48706", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48706" }, { "name": "CVE-2024-22667", "url": "https://www.cve.org/CVERecord?id=CVE-2024-22667" }, { "name": "CVE-2022-44840", "url": "https://www.cve.org/CVERecord?id=CVE-2022-44840" }, { "name": "CVE-2022-47007", "url": "https://www.cve.org/CVERecord?id=CVE-2022-47007" }, { "name": "CVE-2022-47008", "url": "https://www.cve.org/CVERecord?id=CVE-2022-47008" }, { "name": "CVE-2022-47010", "url": "https://www.cve.org/CVERecord?id=CVE-2022-47010" }, { "name": 
"CVE-2022-47011", "url": "https://www.cve.org/CVERecord?id=CVE-2022-47011" }, { "name": "CVE-2024-41957", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41957" }, { "name": "CVE-2024-7592", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7592" }, { "name": "CVE-2024-11168", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168" }, { "name": "CVE-2024-10041", "url": "https://www.cve.org/CVERecord?id=CVE-2024-10041" }, { "name": "CVE-2024-10963", "url": "https://www.cve.org/CVERecord?id=CVE-2024-10963" }, { "name": "CVE-2025-0938", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938" }, { "name": "CVE-2024-12797", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797" }, { "name": "CVE-2023-1579", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1579" }, { "name": "CVE-2025-1795", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1795" }, { "name": "CVE-2022-49043", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043" }, { "name": "CVE-2024-56171", "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171" }, { "name": "CVE-2024-8176", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8176" }, { "name": "CVE-2025-24928", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928" }, { "name": "CVE-2023-1972", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1972" }, { "name": "CVE-2025-4516", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4516" }, { "name": "CVE-2024-9287", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287" }, { "name": "CVE-2025-4517", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4517" }, { "name": "CVE-2025-4330", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4330" }, { "name": "CVE-2025-4138", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4138" }, { "name": "CVE-2024-12718", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12718" }, { "name": "CVE-2025-4435", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4435" }, { "name": "CVE-2024-12133", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12133" }, { "name": 
"CVE-2024-12243", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243" }, { "name": "CVE-2024-52533", "url": "https://www.cve.org/CVERecord?id=CVE-2024-52533" }, { "name": "CVE-2025-0395", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0395" }, { "name": "CVE-2025-4373", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4373" }, { "name": "CVE-2025-24528", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24528" }, { "name": "CVE-2025-4802", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802" }, { "name": "CVE-2025-6020", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020" }, { "name": "CVE-2025-6021", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021" }, { "name": "CVE-2021-3973", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3973" }, { "name": "CVE-2022-2129", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2129" }, { "name": "CVE-2022-2175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2175" }, { "name": "CVE-2022-2182", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2182" }, { "name": "CVE-2022-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2183" }, { "name": "CVE-2022-2206", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2206" }, { "name": "CVE-2022-2207", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2207" }, { "name": "CVE-2022-2208", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2208" }, { "name": "CVE-2022-2210", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2210" }, { "name": "CVE-2022-2257", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2257" }, { "name": "CVE-2022-2284", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2284" }, { "name": "CVE-2022-2285", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2285" }, { "name": "CVE-2022-2286", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2286" }, { "name": "CVE-2022-2287", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2287" }, { "name": "CVE-2022-2304", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2304" }, { "name": 
"CVE-2022-2343", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2343" }, { "name": "CVE-2022-2344", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2344" }, { "name": "CVE-2022-2522", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2522" }, { "name": "CVE-2022-2817", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2817" }, { "name": "CVE-2022-2819", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2819" }, { "name": "CVE-2022-2845", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2845" }, { "name": "CVE-2022-2849", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2849" }, { "name": "CVE-2022-2862", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2862" }, { "name": "CVE-2022-2874", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2874" }, { "name": "CVE-2022-2889", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2889" }, { "name": "CVE-2022-2923", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2923" }, { "name": "CVE-2022-2946", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2946" }, { "name": "CVE-2022-2980", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2980" }, { "name": "CVE-2022-2982", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2982" }, { "name": "CVE-2022-3016", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3016" }, { "name": "CVE-2022-3037", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3037" }, { "name": "CVE-2022-3134", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3134" }, { "name": "CVE-2022-3153", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3153" }, { "name": "CVE-2022-3234", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3234" }, { "name": "CVE-2022-3235", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3235" }, { "name": "CVE-2022-3278", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3278" }, { "name": "CVE-2022-3296", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3296" }, { "name": "CVE-2022-3297", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3297" }, { "name": "CVE-2022-3352", 
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3352" }, { "name": "CVE-2022-4141", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4141" }, { "name": "CVE-2022-4292", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4292" }, { "name": "CVE-2022-4293", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4293" }, { "name": "CVE-2023-1127", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1127" }, { "name": "CVE-2023-1170", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1170" }, { "name": "CVE-2023-1175", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1175" }, { "name": "CVE-2023-1264", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1264" }, { "name": "CVE-2023-2609", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2609" }, { "name": "CVE-2023-2610", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2610" }, { "name": "CVE-2023-5441", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5441" }, { "name": "CVE-2023-5535", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5535" }, { "name": "CVE-2024-29040", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29040" }, { "name": "CVE-2024-41965", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41965" }, { "name": "CVE-2024-43374", "url": "https://www.cve.org/CVERecord?id=CVE-2024-43374" }, { "name": "CVE-2024-43802", "url": "https://www.cve.org/CVERecord?id=CVE-2024-43802" }, { "name": "CVE-2024-45306", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45306" }, { "name": "CVE-2024-47814", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47814" }, { "name": "CVE-2025-1215", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1215" }, { "name": "CVE-2025-22134", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22134" }, { "name": "CVE-2025-24014", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24014" }, { "name": "CVE-2025-25724", "url": "https://www.cve.org/CVERecord?id=CVE-2025-25724" }, { "name": "CVE-2025-26603", "url": "https://www.cve.org/CVERecord?id=CVE-2025-26603" }, { "name": "CVE-2025-29768", 
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768" }, { "name": "CVE-2025-3576", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3576" }, { "name": "CVE-2025-47268", "url": "https://www.cve.org/CVERecord?id=CVE-2025-47268" }, { "name": "CVE-2025-5702", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5702" }, { "name": "CVE-2024-23337", "url": "https://www.cve.org/CVERecord?id=CVE-2024-23337" }, { "name": "CVE-2025-0913", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913" }, { "name": "CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "name": "CVE-2025-4673", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673" }, { "name": "CVE-2025-48060", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48060" }, { "name": "CVE-2025-50181", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50181" }, { "name": "CVE-2025-6069", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069" }, { "name": "CVE-2025-8194", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8194" }, { "name": "CVE-2025-50182", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50182" }, { "name": "CVE-2021-20197", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20197" }, { "name": "CVE-2021-32256", "url": "https://www.cve.org/CVERecord?id=CVE-2021-32256" }, { "name": "CVE-2021-45078", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45078" }, { "name": "CVE-2023-2222", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2222" }, { "name": "CVE-2024-25260", "url": "https://www.cve.org/CVERecord?id=CVE-2024-25260" }, { "name": "CVE-2024-57360", "url": "https://www.cve.org/CVERecord?id=CVE-2024-57360" }, { "name": "CVE-2025-1150", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1150" }, { "name": "CVE-2025-1151", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1151" }, { "name": "CVE-2025-1152", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1152" }, { "name": "CVE-2025-1153", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1153" }, { "name": 
"CVE-2025-1371", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1371" }, { "name": "CVE-2025-1376", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1376" }, { "name": "CVE-2025-1377", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1377" }, { "name": "CVE-2025-3198", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3198" }, { "name": "CVE-2025-47273", "url": "https://www.cve.org/CVERecord?id=CVE-2025-47273" }, { "name": "CVE-2025-48964", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48964" }, { "name": "CVE-2025-49794", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49794" }, { "name": "CVE-2025-49796", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49796" }, { "name": "CVE-2025-5245", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5245" }, { "name": "CVE-2025-53905", "url": "https://www.cve.org/CVERecord?id=CVE-2025-53905" }, { "name": "CVE-2025-53906", "url": "https://www.cve.org/CVERecord?id=CVE-2025-53906" }, { "name": "CVE-2025-7545", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7545" }, { "name": "CVE-2025-7546", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7546" } ], "initial_release_date": "2025-08-14T00:00:00", "last_revision_date": "2025-08-14T00:00:00", "links": [], "reference": "CERTFR-2025-AVI-0693", "revisions": [ { "description": "Version initiale", "revision_date": "2025-08-14T00:00:00.000000" } ], "risks": [ { "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. 
Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.", "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu", "vendor_advisories": [ { "published_at": "2025-08-14", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36036", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36036" }, { "published_at": "2025-08-14", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36035", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36035" }, { "published_at": "2025-08-14", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36038", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36038" }, { "published_at": "2025-08-14", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36037", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36037" } ] }
CERTFR-2025-AVI-0751
Vulnerability from certfr_avis
Multiple vulnerabilities have been discovered in VMware products. They allow an attacker to cause a security problem not specified by the vendor.
Solutions
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
Vendor | Product | Description
---|---|---
VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry versions earlier than 6.0.19+LTS-T
VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry versions earlier than 10.0.9
VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry versions earlier than 10.2.2+LTS-T
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Tanzu Platform for Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.19+LTS-T", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform for Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.9", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform for Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.2+LTS-T", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } } ], "affected_systems_content": "", "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).", "cves": [ { "name": "CVE-2025-30681", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30681" }, { "name": "CVE-2025-23048", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23048" }, { "name": "CVE-2025-30689", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30689" }, { "name": "CVE-2025-30715", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30715" }, { "name": "CVE-2025-30682", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30682" }, { "name": "CVE-2025-49812", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49812" }, { "name": "CVE-2025-0913", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913" }, { "name": "CVE-2025-47907", "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907" }, { "name": "CVE-2025-30703", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30703" }, { "name": "CVE-2025-4330", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4330" }, { "name": "CVE-2025-4138", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4138" }, { "name": "CVE-2025-30696", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30696" }, { "name": "CVE-2025-21584", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21584" }, { 
"name": "CVE-2025-27209", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27209" }, { "name": "CVE-2025-50106", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106" }, { "name": "CVE-2025-30683", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30683" }, { "name": "CVE-2025-30699", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30699" }, { "name": "CVE-2025-30399", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30399" }, { "name": "CVE-2025-30754", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754" }, { "name": "CVE-2025-23167", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23167" }, { "name": "CVE-2024-43204", "url": "https://www.cve.org/CVERecord?id=CVE-2024-43204" }, { "name": "CVE-2025-4517", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4517" }, { "name": "CVE-2025-21574", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21574" }, { "name": "CVE-2025-4674", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4674" }, { "name": "CVE-2025-21580", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21580" }, { "name": "CVE-2025-7783", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7783" }, { "name": "CVE-2025-21575", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21575" }, { "name": "CVE-2025-4435", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4435" }, { "name": "CVE-2025-21577", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21577" }, { "name": "CVE-2025-49007", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49007" }, { "name": "CVE-2025-22868", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868" }, { "name": "CVE-2024-12718", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12718" }, { "name": "CVE-2025-23165", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23165" }, { "name": "CVE-2025-30705", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30705" }, { "name": "CVE-2025-50088", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50088" }, { "name": "CVE-2025-1217", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-1217" }, { "name": "CVE-2025-53020", "url": "https://www.cve.org/CVERecord?id=CVE-2025-53020" }, { "name": "CVE-2025-30684", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30684" }, { "name": "CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "name": "CVE-2025-50059", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059" }, { "name": "CVE-2025-21579", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21579" }, { "name": "CVE-2024-47252", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47252" }, { "name": "CVE-2025-4673", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673" }, { "name": "CVE-2025-30721", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30721" }, { "name": "CVE-2025-1736", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1736" }, { "name": "CVE-2025-23166", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23166" }, { "name": "CVE-2025-1734", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1734" }, { "name": "CVE-2025-4516", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4516" }, { "name": "CVE-2025-30687", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30687" }, { "name": "CVE-2025-30749", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749" }, { "name": "CVE-2025-7339", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7339" }, { "name": "CVE-2025-30704", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30704" }, { "name": "CVE-2025-30693", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30693" }, { "name": "CVE-2025-21585", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21585" }, { "name": "CVE-2025-30204", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204" }, { "name": "CVE-2025-21581", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21581" }, { "name": "CVE-2025-30685", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30685" }, { "name": "CVE-2025-30695", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30695" }, { "name": 
"CVE-2025-30688", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30688" }, { "name": "CVE-2025-1861", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1861" }, { "name": "CVE-2025-21588", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21588" }, { "name": "CVE-2025-49630", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49630" }, { "name": "CVE-2025-1219", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1219" }, { "name": "CVE-2024-42516", "url": "https://www.cve.org/CVERecord?id=CVE-2024-42516" }, { "name": "CVE-2024-43394", "url": "https://www.cve.org/CVERecord?id=CVE-2024-43394" } ], "initial_release_date": "2025-09-03T00:00:00", "last_revision_date": "2025-09-03T00:00:00", "links": [], "reference": "CERTFR-2025-AVI-0751", "revisions": [ { "description": "Version initiale", "revision_date": "2025-09-03T00:00:00.000000" } ], "risks": [ { "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.", "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware", "vendor_advisories": [ { "published_at": "2025-09-02", "title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0071", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36077" }, { "published_at": "2025-09-02", "title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0069", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36075" }, { "published_at": "2025-09-02", "title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0070", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36076" } ] }
CERTFR-2025-AVI-0756
Vulnerability from certfr_avis
Multiple vulnerabilities have been discovered in VMware products. They allow an attacker to cause a security problem not specified by the vendor.
Solutions
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
Vendor | Product | Description
---|---|---
VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T
VMware | Tanzu | Tanzu for MySQL on Cloud Foundry versions prior to 10.0.2
VMware | Tanzu | Java Buildpack versions prior to 4.84.0
VMware | Tanzu | Stemcells for Ubuntu Jammy Azure Light versions prior to 1.894
VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions prior to 10.0.9
VMware | Tanzu | Tanzu Scheduler versions prior to 2.0.20
VMware | Tanzu | Spring Cloud Services for VMware Tanzu versions prior to 3.3.9
VMware | Tanzu | Tanzu GemFire versions prior to 10.1.4
VMware | Tanzu Operations Manager | Tanzu Operations Manager versions prior to 3.1.2
VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions prior to 6.0.19+LTS-T
VMware | Tanzu | Single Sign-On for VMware Tanzu Application Service versions prior to 1.16.12
VMware | Tanzu | Tanzu Hub versions prior to 10.2.1
VMware | Tanzu | Stemcells for Ubuntu Jammy versions prior to 1.894
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2", "product": { "name": "Tanzu Operations Manager", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T", "product": { "name": "Tanzu Platform", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12", "product": { "name": "Tanzu", 
"vendor": { "name": "VMware", "scada": false } } }, { "description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } }, { "description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894", "product": { "name": "Tanzu", "vendor": { "name": "VMware", "scada": false } } } ], "affected_systems_content": "", "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).", "cves": [ { "name": "CVE-2021-44832", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44832" }, { "name": "CVE-2021-45105", "url": "https://www.cve.org/CVERecord?id=CVE-2021-45105" }, { "name": "CVE-2021-44228", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228" }, { "name": "CVE-2013-1548", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1548" }, { "name": "CVE-2015-4779", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4779" }, { "name": "CVE-2015-4780", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4780" }, { "name": "CVE-2015-4787", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4787" }, { "name": "CVE-2015-4790", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4790" }, { "name": "CVE-2015-4778", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4778" }, { "name": "CVE-2015-4782", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4782" }, { "name": "CVE-2015-4789", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4789" }, { "name": "CVE-2015-4764", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4764" }, { "name": "CVE-2015-4783", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4783" }, { "name": "CVE-2015-2583", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2583" }, { "name": "CVE-2015-4781", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4781" }, { "name": "CVE-2015-4776", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4776" }, { "name": "CVE-2015-4786", 
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786" }, { "name": "CVE-2015-2656", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2656" }, { "name": "CVE-2015-4788", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4788" }, { "name": "CVE-2015-4785", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4785" }, { "name": "CVE-2015-4754", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4754" }, { "name": "CVE-2015-4775", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4775" }, { "name": "CVE-2015-4777", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4777" }, { "name": "CVE-2015-2640", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2640" }, { "name": "CVE-2015-4774", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4774" }, { "name": "CVE-2015-2626", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2626" }, { "name": "CVE-2015-2624", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2624" }, { "name": "CVE-2015-4784", "url": "https://www.cve.org/CVERecord?id=CVE-2015-4784" }, { "name": "CVE-2015-2654", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2654" }, { "name": "CVE-2017-8046", "url": "https://www.cve.org/CVERecord?id=CVE-2017-8046" }, { "name": "CVE-2018-3280", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3280" }, { "name": "CVE-2018-3137", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3137" }, { "name": "CVE-2018-3285", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3285" }, { "name": "CVE-2018-3182", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3182" }, { "name": "CVE-2018-3186", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3186" }, { "name": "CVE-2018-3195", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3195" }, { "name": "CVE-2018-3286", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3286" }, { "name": "CVE-2018-3170", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3170" }, { "name": "CVE-2018-3279", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3279" }, { "name": "CVE-2018-3212", "url": 
"https://www.cve.org/CVERecord?id=CVE-2018-3212" }, { "name": "CVE-2018-3203", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3203" }, { "name": "CVE-2018-3145", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3145" }, { "name": "CVE-2019-2530", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2530" }, { "name": "CVE-2019-2436", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2436" }, { "name": "CVE-2019-2539", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2539" }, { "name": "CVE-2019-2494", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2494" }, { "name": "CVE-2019-2535", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2535" }, { "name": "CVE-2019-2533", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2533" }, { "name": "CVE-2019-2495", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2495" }, { "name": "CVE-2019-2513", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2513" }, { "name": "CVE-2019-2536", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2536" }, { "name": "CVE-2019-2502", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2502" }, { "name": "CVE-2019-2634", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2634" }, { "name": "CVE-2019-2587", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2587" }, { "name": "CVE-2019-2584", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2584" }, { "name": "CVE-2019-2691", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2691" }, { "name": "CVE-2019-2606", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2606" }, { "name": "CVE-2019-2630", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2630" }, { "name": "CVE-2019-2624", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2624" }, { "name": "CVE-2019-2623", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2623" }, { "name": "CVE-2019-2695", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2695" }, { "name": "CVE-2019-2596", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2596" }, { "name": "CVE-2019-2580", "url": 
"https://www.cve.org/CVERecord?id=CVE-2019-2580" }, { "name": "CVE-2019-2644", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2644" }, { "name": "CVE-2019-2681", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2681" }, { "name": "CVE-2019-2617", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2617" }, { "name": "CVE-2019-2636", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2636" }, { "name": "CVE-2019-2689", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2689" }, { "name": "CVE-2019-2693", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2693" }, { "name": "CVE-2019-2593", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2593" }, { "name": "CVE-2019-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2625" }, { "name": "CVE-2019-2585", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2585" }, { "name": "CVE-2019-2631", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2631" }, { "name": "CVE-2019-2694", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2694" }, { "name": "CVE-2019-2620", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2620" }, { "name": "CVE-2019-2688", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2688" }, { "name": "CVE-2019-2589", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2589" }, { "name": "CVE-2019-2635", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2635" }, { "name": "CVE-2019-2626", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2626" }, { "name": "CVE-2019-2686", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2686" }, { "name": "CVE-2019-2685", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2685" }, { "name": "CVE-2019-2687", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2687" }, { "name": "CVE-2019-2607", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2607" }, { "name": "CVE-2019-7317", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7317" }, { "name": "CVE-2019-2811", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2811" }, { "name": "CVE-2019-2740", "url": 
"https://www.cve.org/CVERecord?id=CVE-2019-2740" }, { "name": "CVE-2019-2879", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2879" }, { "name": "CVE-2019-2808", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2808" }, { "name": "CVE-2019-2738", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2738" }, { "name": "CVE-2019-2819", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2819" }, { "name": "CVE-2019-2737", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2737" }, { "name": "CVE-2019-2814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2814" }, { "name": "CVE-2019-2778", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2778" }, { "name": "CVE-2019-2822", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2822" }, { "name": "CVE-2019-2802", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2802" }, { "name": "CVE-2019-2803", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2803" }, { "name": "CVE-2019-2752", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2752" }, { "name": "CVE-2019-2826", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2826" }, { "name": "CVE-2019-2784", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2784" }, { "name": "CVE-2019-2789", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2789" }, { "name": "CVE-2019-2801", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2801" }, { "name": "CVE-2019-2791", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2791" }, { "name": "CVE-2019-2798", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2798" }, { "name": "CVE-2019-2796", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2796" }, { "name": "CVE-2019-2815", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2815" }, { "name": "CVE-2019-2810", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2810" }, { "name": "CVE-2019-2780", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2780" }, { "name": "CVE-2019-2758", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2758" }, { "name": "CVE-2019-2757", "url": 
"https://www.cve.org/CVERecord?id=CVE-2019-2757" }, { "name": "CVE-2019-2785", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2785" }, { "name": "CVE-2019-2747", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2747" }, { "name": "CVE-2019-2741", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2741" }, { "name": "CVE-2019-2830", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2830" }, { "name": "CVE-2019-2834", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2834" }, { "name": "CVE-2019-2743", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2743" }, { "name": "CVE-2019-2739", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2739" }, { "name": "CVE-2019-2805", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2805" }, { "name": "CVE-2019-2797", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2797" }, { "name": "CVE-2019-2774", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2774" }, { "name": "CVE-2019-2795", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2795" }, { "name": "CVE-2019-2746", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2746" }, { "name": "CVE-2019-2812", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2812" }, { "name": "CVE-2019-2924", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2924" }, { "name": "CVE-2019-2914", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2914" }, { "name": "CVE-2019-2960", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2960" }, { "name": "CVE-2019-2923", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2923" }, { "name": "CVE-2019-2968", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2968" }, { "name": "CVE-2019-2993", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2993" }, { "name": "CVE-2019-3009", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3009" }, { "name": "CVE-2019-2969", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2969" }, { "name": "CVE-2019-3011", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3011" }, { "name": "CVE-2019-2967", "url": 
"https://www.cve.org/CVERecord?id=CVE-2019-2967" }, { "name": "CVE-2019-2946", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2946" }, { "name": "CVE-2019-2966", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2966" }, { "name": "CVE-2019-2957", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2957" }, { "name": "CVE-2019-2948", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2948" }, { "name": "CVE-2019-2922", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2922" }, { "name": "CVE-2019-3004", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3004" }, { "name": "CVE-2019-2998", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2998" }, { "name": "CVE-2019-2911", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2911" }, { "name": "CVE-2019-2950", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2950" }, { "name": "CVE-2019-2910", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2910" }, { "name": "CVE-2019-3018", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3018" }, { "name": "CVE-2019-2974", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2974" }, { "name": "CVE-2019-2991", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2991" }, { "name": "CVE-2019-2997", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2997" }, { "name": "CVE-2019-2938", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2938" }, { "name": "CVE-2019-3003", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3003" }, { "name": "CVE-2019-2982", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2982" }, { "name": "CVE-2019-2963", "url": "https://www.cve.org/CVERecord?id=CVE-2019-2963" }, { "name": "CVE-2020-2579", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2579" }, { "name": "CVE-2020-2584", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2584" }, { "name": "CVE-2020-2577", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2577" }, { "name": "CVE-2020-2679", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2679" }, { "name": "CVE-2020-2570", "url": 
"https://www.cve.org/CVERecord?id=CVE-2020-2570" }, { "name": "CVE-2020-2572", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2572" }, { "name": "CVE-2020-2627", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2627" }, { "name": "CVE-2020-2660", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2660" }, { "name": "CVE-2020-2589", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2589" }, { "name": "CVE-2020-2573", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2573" }, { "name": "CVE-2020-2686", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2686" }, { "name": "CVE-2020-2694", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2694" }, { "name": "CVE-2020-2574", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2574" }, { "name": "CVE-2020-2770", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2770" }, { "name": "CVE-2020-2925", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2925" }, { "name": "CVE-2020-2853", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2853" }, { "name": "CVE-2020-2774", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2774" }, { "name": "CVE-2020-2928", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2928" }, { "name": "CVE-2020-2897", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2897" }, { "name": "CVE-2020-2812", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2812" }, { "name": "CVE-2020-2765", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2765" }, { "name": "CVE-2020-2761", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2761" }, { "name": "CVE-2020-2790", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2790" }, { "name": "CVE-2020-2752", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2752" }, { "name": "CVE-2020-2904", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2904" }, { "name": "CVE-2020-2893", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2893" }, { "name": "CVE-2020-2760", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2760" }, { "name": "CVE-2020-2780", "url": 
"https://www.cve.org/CVERecord?id=CVE-2020-2780" }, { "name": "CVE-2020-2903", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2903" }, { "name": "CVE-2020-2924", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2924" }, { "name": "CVE-2020-2806", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2806" }, { "name": "CVE-2020-2922", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2922" }, { "name": "CVE-2020-2901", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2901" }, { "name": "CVE-2020-2926", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2926" }, { "name": "CVE-2020-2923", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2923" }, { "name": "CVE-2020-2921", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2921" }, { "name": "CVE-2020-2779", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2779" }, { "name": "CVE-2020-2892", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2892" }, { "name": "CVE-2020-2896", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2896" }, { "name": "CVE-2020-2804", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2804" }, { "name": "CVE-2020-2895", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2895" }, { "name": "CVE-2020-2930", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2930" }, { "name": "CVE-2020-2814", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2814" }, { "name": "CVE-2020-2759", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2759" }, { "name": "CVE-2020-2763", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2763" }, { "name": "CVE-2020-14550", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14550" }, { "name": "CVE-2020-14567", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14567" }, { "name": "CVE-2020-14559", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14559" }, { "name": "CVE-2020-14576", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14576" }, { "name": "CVE-2020-14540", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14540" }, { "name": "CVE-2020-14547", "url": 
"https://www.cve.org/CVERecord?id=CVE-2020-14547" }, { "name": "CVE-2020-14553", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14553" }, { "name": "CVE-2020-14539", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14539" }, { "name": "CVE-2020-14845", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14845" }, { "name": "CVE-2020-14799", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14799" }, { "name": "CVE-2020-14793", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14793" }, { "name": "CVE-2020-14888", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14888" }, { "name": "CVE-2020-14790", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14790" }, { "name": "CVE-2020-14789", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14789" }, { "name": "CVE-2020-14672", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14672" }, { "name": "CVE-2020-14846", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14846" }, { "name": "CVE-2020-14771", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14771" }, { "name": "CVE-2020-14873", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14873" }, { "name": "CVE-2020-14791", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14791" }, { "name": "CVE-2020-14769", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14769" }, { "name": "CVE-2020-14844", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14844" }, { "name": "CVE-2020-14809", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14809" }, { "name": "CVE-2020-14860", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14860" }, { "name": "CVE-2020-14866", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14866" }, { "name": "CVE-2020-14861", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14861" }, { "name": "CVE-2020-14773", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14773" }, { "name": "CVE-2020-14776", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14776" }, { "name": "CVE-2020-14852", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14852" }, { "name": 
"CVE-2020-14760", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14760" }, { "name": "CVE-2020-14870", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14870" }, { "name": "CVE-2020-14837", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14837" }, { "name": "CVE-2020-14893", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14893" }, { "name": "CVE-2020-14836", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14836" }, { "name": "CVE-2020-14829", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14829" }, { "name": "CVE-2020-14868", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14868" }, { "name": "CVE-2020-14827", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14827" }, { "name": "CVE-2020-14839", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14839" }, { "name": "CVE-2020-14777", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14777" }, { "name": "CVE-2020-14812", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14812" }, { "name": "CVE-2020-14775", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14775" }, { "name": "CVE-2020-14838", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14838" }, { "name": "CVE-2020-14869", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14869" }, { "name": "CVE-2020-14765", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14765" }, { "name": "CVE-2020-14814", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14814" }, { "name": "CVE-2020-14821", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14821" }, { "name": "CVE-2020-14830", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14830" }, { "name": "CVE-2020-14828", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14828" }, { "name": "CVE-2020-14804", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14804" }, { "name": "CVE-2020-14800", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14800" }, { "name": "CVE-2020-14891", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14891" }, { "name": "CVE-2020-14848", "url": 
"https://www.cve.org/CVERecord?id=CVE-2020-14848" }, { "name": "CVE-2020-14867", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14867" }, { "name": "CVE-2020-14785", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14785" }, { "name": "CVE-2020-14794", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14794" }, { "name": "CVE-2020-14786", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14786" }, { "name": "CVE-2020-15358", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358" }, { "name": "CVE-2020-1971", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1971" }, { "name": "CVE-2021-2010", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2010" }, { "name": "CVE-2021-2001", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2001" }, { "name": "CVE-2021-2060", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2060" }, { "name": "CVE-2021-2014", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2014" }, { "name": "CVE-2021-2032", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2032" }, { "name": "CVE-2021-2036", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2036" }, { "name": "CVE-2021-2007", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2007" }, { "name": "CVE-2021-2011", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2011" }, { "name": "CVE-2021-2022", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2022" }, { "name": "CVE-2019-25013", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25013" }, { "name": "CVE-2021-2308", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2308" }, { "name": "CVE-2021-2213", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2213" }, { "name": "CVE-2021-2172", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2172" }, { "name": "CVE-2021-2293", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2293" }, { "name": "CVE-2021-2208", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2208" }, { "name": "CVE-2021-2196", "url": "https://www.cve.org/CVERecord?id=CVE-2021-2196" }, { "name": "CVE-2021-2194", "url": 
"https://www.cve.org/CVERecord?id=CVE-2021-2194"
}, { "name":
"CVE-2024-38286", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38286" }, { "name": "CVE-2024-7592", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7592" }, { "name": "CVE-2024-8088", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8088" }, { "name": "CVE-2024-9681", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681" }, { "name": "CVE-2024-11168", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168" }, { "name": "CVE-2024-38828", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38828" }, { "name": "CVE-2024-46816", "url": "https://www.cve.org/CVERecord?id=CVE-2024-46816" }, { "name": "CVE-2024-11395", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11395" }, { "name": "CVE-2024-49960", "url": "https://www.cve.org/CVERecord?id=CVE-2024-49960" }, { "name": "CVE-2024-50047", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50047" }, { "name": "CVE-2024-50073", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50073" }, { "name": "CVE-2024-11691", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11691" }, { "name": "CVE-2024-11692", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11692" }, { "name": "CVE-2024-11693", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11693" }, { "name": "CVE-2024-11694", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11694" }, { "name": "CVE-2024-11695", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11695" }, { "name": "CVE-2024-11696", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11696" }, { "name": "CVE-2024-11697", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11697" }, { "name": "CVE-2024-11698", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11698" }, { "name": "CVE-2024-11699", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11699" }, { "name": "CVE-2024-11700", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11700" }, { "name": "CVE-2024-11701", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11701" }, { "name": "CVE-2024-11702", "url": 
"https://www.cve.org/CVERecord?id=CVE-2024-11702" }, { "name": "CVE-2024-11703", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11703" }, { "name": "CVE-2024-11704", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11704" }, { "name": "CVE-2024-11705", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11705" }, { "name": "CVE-2024-11706", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11706" }, { "name": "CVE-2024-11708", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11708" }, { "name": "CVE-2024-50272", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50272" }, { "name": "CVE-2024-50280", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50280" }, { "name": "CVE-2024-11053", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11053" }, { "name": "CVE-2024-10041", "url": "https://www.cve.org/CVERecord?id=CVE-2024-10041" }, { "name": "CVE-2024-10963", "url": "https://www.cve.org/CVERecord?id=CVE-2024-10963" }, { "name": "CVE-2024-47554", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47554" }, { "name": "CVE-2024-49989", "url": "https://www.cve.org/CVERecord?id=CVE-2024-49989" }, { "name": "CVE-2024-50125", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50125" }, { "name": "CVE-2024-53051", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53051" }, { "name": "CVE-2024-53144", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53144" }, { "name": "CVE-2024-8805", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8805" }, { "name": "CVE-2025-0237", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0237" }, { "name": "CVE-2025-0238", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0238" }, { "name": "CVE-2025-0239", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0239" }, { "name": "CVE-2025-0240", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0240" }, { "name": "CVE-2025-0241", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0241" }, { "name": "CVE-2025-0242", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0242" }, { "name": 
"CVE-2025-0243", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0243" }, { "name": "CVE-2025-0245", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0245" }, { "name": "CVE-2025-0247", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0247" }, { "name": "CVE-2025-0434", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0434" }, { "name": "CVE-2025-0435", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0435" }, { "name": "CVE-2025-0436", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0436" }, { "name": "CVE-2025-0437", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0437" }, { "name": "CVE-2025-0438", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0438" }, { "name": "CVE-2025-0439", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0439" }, { "name": "CVE-2025-0440", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0440" }, { "name": "CVE-2025-0441", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0441" }, { "name": "CVE-2025-0442", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0442" }, { "name": "CVE-2025-0443", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0443" }, { "name": "CVE-2025-0446", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0446" }, { "name": "CVE-2025-0447", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0447" }, { "name": "CVE-2025-0448", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0448" }, { "name": "CVE-2025-21523", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21523" }, { "name": "CVE-2025-0612", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0612" }, { "name": "CVE-2025-23083", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23083" }, { "name": "CVE-2025-23084", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23084" }, { "name": "CVE-2025-23085", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23085" }, { "name": "CVE-2025-0938", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938" }, { "name": "CVE-2025-0444", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0444" }, { "name": 
"CVE-2025-0445", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0445" }, { "name": "CVE-2025-0451", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0451" }, { "name": "CVE-2025-0762", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0762" }, { "name": "CVE-2025-1009", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1009" }, { "name": "CVE-2025-1010", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1010" }, { "name": "CVE-2025-1011", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1011" }, { "name": "CVE-2025-1012", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1012" }, { "name": "CVE-2025-1013", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1013" }, { "name": "CVE-2025-1014", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1014" }, { "name": "CVE-2024-56664", "url": "https://www.cve.org/CVERecord?id=CVE-2024-56664" }, { "name": "CVE-2025-1016", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1016" }, { "name": "CVE-2025-1017", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1017" }, { "name": "CVE-2025-1018", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1018" }, { "name": "CVE-2025-1019", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1019" }, { "name": "CVE-2025-1020", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1020" }, { "name": "CVE-2025-0167", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167" }, { "name": "CVE-2025-0725", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0725" }, { "name": "CVE-2024-47535", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535" }, { "name": "CVE-2024-50258", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50258" }, { "name": "CVE-2024-53203", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53203" }, { "name": "CVE-2024-53128", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53128" }, { "name": "CVE-2025-0995", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0995" }, { "name": "CVE-2025-0996", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0996" }, { "name": 
"CVE-2025-0997", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0997" }, { "name": "CVE-2025-0998", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0998" }, { "name": "CVE-2024-13176", "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176" }, { "name": "CVE-2025-1414", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1414" }, { "name": "CVE-2025-0999", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0999" }, { "name": "CVE-2025-1006", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1006" }, { "name": "CVE-2025-1426", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1426" }, { "name": "CVE-2024-56751", "url": "https://www.cve.org/CVERecord?id=CVE-2024-56751" }, { "name": "CVE-2023-39017", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39017" }, { "name": "CVE-2025-1795", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1795" }, { "name": "CVE-2025-1914", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1914" }, { "name": "CVE-2025-1915", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1915" }, { "name": "CVE-2025-1916", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1916" }, { "name": "CVE-2025-1917", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1917" }, { "name": "CVE-2025-1918", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1918" }, { "name": "CVE-2025-1919", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1919" }, { "name": "CVE-2025-1921", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1921" }, { "name": "CVE-2025-1922", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1922" }, { "name": "CVE-2025-1923", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1923" }, { "name": "CVE-2025-1930", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1930" }, { "name": "CVE-2025-1931", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1931" }, { "name": "CVE-2025-1932", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1932" }, { "name": "CVE-2025-1933", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1933" }, { "name": 
"CVE-2025-1934", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1934" }, { "name": "CVE-2025-1935", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1935" }, { "name": "CVE-2025-1936", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1936" }, { "name": "CVE-2025-1937", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1937" }, { "name": "CVE-2025-1938", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1938" }, { "name": "CVE-2025-1939", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1939" }, { "name": "CVE-2025-1940", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1940" }, { "name": "CVE-2025-1941", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1941" }, { "name": "CVE-2025-1942", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1942" }, { "name": "CVE-2025-1943", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1943" }, { "name": "CVE-2025-1920", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1920" }, { "name": "CVE-2025-2135", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2135" }, { "name": "CVE-2025-2136", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2136" }, { "name": "CVE-2025-2137", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2137" }, { "name": "CVE-2025-24813", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24813" }, { "name": "CVE-2024-6763", "url": "https://www.cve.org/CVERecord?id=CVE-2024-6763" }, { "name": "CVE-2022-49043", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043" }, { "name": "CVE-2024-45338", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338" }, { "name": "CVE-2024-51744", "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744" }, { "name": "CVE-2025-24970", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970" }, { "name": "CVE-2025-25193", "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193" }, { "name": "CVE-2024-45772", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45772" }, { "name": "CVE-2025-2476", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2476" }, { "name": 
"CVE-2025-2857", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2857" }, { "name": "CVE-2024-45337", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337" }, { "name": "CVE-2025-22870", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870" }, { "name": "CVE-2025-2783", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2783" }, { "name": "CVE-2022-49063", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49063" }, { "name": "CVE-2022-49535", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49535" }, { "name": "CVE-2024-56171", "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171" }, { "name": "CVE-2025-27113", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27113" }, { "name": "CVE-2025-3066", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3066" }, { "name": "CVE-2025-3067", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3067" }, { "name": "CVE-2025-3068", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3068" }, { "name": "CVE-2025-3071", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3071" }, { "name": "CVE-2025-3072", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3072" }, { "name": "CVE-2025-3073", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3073" }, { "name": "CVE-2025-3074", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3074" }, { "name": "CVE-2025-3028", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3028" }, { "name": "CVE-2025-3029", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3029" }, { "name": "CVE-2025-3030", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3030" }, { "name": "CVE-2025-3031", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3031" }, { "name": "CVE-2025-3032", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3032" }, { "name": "CVE-2025-3033", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3033" }, { "name": "CVE-2025-3034", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3034" }, { "name": "CVE-2025-3035", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3035" }, { "name": 
"CVE-2024-54458", "url": "https://www.cve.org/CVERecord?id=CVE-2024-54458" }, { "name": "CVE-2025-3608", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3608" }, { "name": "CVE-2025-21574", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21574" }, { "name": "CVE-2025-21575", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21575" }, { "name": "CVE-2025-21577", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21577" }, { "name": "CVE-2025-21579", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21579" }, { "name": "CVE-2025-21580", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21580" }, { "name": "CVE-2025-21581", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21581" }, { "name": "CVE-2025-21584", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21584" }, { "name": "CVE-2025-21585", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21585" }, { "name": "CVE-2025-21588", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21588" }, { "name": "CVE-2025-30681", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30681" }, { "name": "CVE-2025-30682", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30682" }, { "name": "CVE-2025-30683", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30683" }, { "name": "CVE-2025-30684", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30684" }, { "name": "CVE-2025-30685", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30685" }, { "name": "CVE-2025-30687", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30687" }, { "name": "CVE-2025-30688", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30688" }, { "name": "CVE-2025-30689", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30689" }, { "name": "CVE-2025-30693", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30693" }, { "name": "CVE-2025-30695", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30695" }, { "name": "CVE-2025-30696", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30696" }, { "name": "CVE-2025-30699", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-30699" }, { "name": "CVE-2025-30703", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30703" }, { "name": "CVE-2025-30704", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30704" }, { "name": "CVE-2025-30705", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30705" }, { "name": "CVE-2025-30715", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30715" }, { "name": "CVE-2025-30721", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30721" }, { "name": "CVE-2025-21839", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21839" }, { "name": "CVE-2025-3619", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3619" }, { "name": "CVE-2025-3620", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3620" }, { "name": "CVE-2025-24928", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928" }, { "name": "CVE-2025-21941", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21941" }, { "name": "CVE-2025-21956", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21956" }, { "name": "CVE-2025-21957", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21957" }, { "name": "CVE-2025-21959", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21959" }, { "name": "CVE-2025-21962", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21962" }, { "name": "CVE-2025-21963", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21963" }, { "name": "CVE-2025-21964", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21964" }, { "name": "CVE-2025-21968", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21968" }, { "name": "CVE-2025-21970", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21970" }, { "name": "CVE-2025-21975", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21975" }, { "name": "CVE-2025-21981", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21981" }, { "name": "CVE-2025-21991", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21991" }, { "name": "CVE-2025-21992", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21992" }, { "name": 
"CVE-2025-21994", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21994" }, { "name": "CVE-2025-21996", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21996" }, { "name": "CVE-2025-21999", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21999" }, { "name": "CVE-2025-22004", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22004" }, { "name": "CVE-2025-22005", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22005" }, { "name": "CVE-2025-22007", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22007" }, { "name": "CVE-2025-22008", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22008" }, { "name": "CVE-2025-22010", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22010" }, { "name": "CVE-2025-22014", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22014" }, { "name": "CVE-2024-12798", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12798" }, { "name": "CVE-2024-12801", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12801" }, { "name": "CVE-2025-22868", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868" }, { "name": "CVE-2025-22871", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871" }, { "name": "CVE-2025-22235", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22235" }, { "name": "CVE-2025-2312", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2312" }, { "name": "CVE-2025-30204", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204" }, { "name": "CVE-2025-4050", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4050" }, { "name": "CVE-2025-4051", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4051" }, { "name": "CVE-2025-4052", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4052" }, { "name": "CVE-2025-4096", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4096" }, { "name": "CVE-2025-2817", "url": "https://www.cve.org/CVERecord?id=CVE-2025-2817" }, { "name": "CVE-2025-4082", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4082" }, { "name": "CVE-2025-4083", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4083" }, { 
"name": "CVE-2025-4085", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4085" }, { "name": "CVE-2025-4087", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4087" }, { "name": "CVE-2025-4088", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4088" }, { "name": "CVE-2025-4089", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4089" }, { "name": "CVE-2025-4090", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4090" }, { "name": "CVE-2025-4091", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4091" }, { "name": "CVE-2025-4092", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4092" }, { "name": "CVE-2023-53034", "url": "https://www.cve.org/CVERecord?id=CVE-2023-53034" }, { "name": "CVE-2024-46742", "url": "https://www.cve.org/CVERecord?id=CVE-2024-46742" }, { "name": "CVE-2025-21853", "url": "https://www.cve.org/CVERecord?id=CVE-2025-21853" }, { "name": "CVE-2025-22025", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22025" }, { "name": "CVE-2025-22027", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22027" }, { "name": "CVE-2025-22035", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22035" }, { "name": "CVE-2025-22044", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22044" }, { "name": "CVE-2025-22045", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22045" }, { "name": "CVE-2025-22050", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22050" }, { "name": "CVE-2025-22054", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22054" }, { "name": "CVE-2025-22055", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22055" }, { "name": "CVE-2025-22056", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22056" }, { "name": "CVE-2025-22060", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22060" }, { "name": "CVE-2025-22063", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22063" }, { "name": "CVE-2025-22066", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22066" }, { "name": "CVE-2025-22071", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-22071" }, { "name": "CVE-2025-22073", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22073" }, { "name": "CVE-2025-22075", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22075" }, { "name": "CVE-2025-22079", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22079" }, { "name": "CVE-2025-22081", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22081" }, { "name": "CVE-2025-22086", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22086" }, { "name": "CVE-2025-22089", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22089" }, { "name": "CVE-2025-22097", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22097" }, { "name": "CVE-2025-23136", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23136" }, { "name": "CVE-2025-23138", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23138" }, { "name": "CVE-2025-37785", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37785" }, { "name": "CVE-2025-37838", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37838" }, { "name": "CVE-2025-38152", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38152" }, { "name": "CVE-2025-38575", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38575" }, { "name": "CVE-2025-38637", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38637" }, { "name": "CVE-2025-39728", "url": "https://www.cve.org/CVERecord?id=CVE-2025-39728" }, { "name": "CVE-2025-39735", "url": "https://www.cve.org/CVERecord?id=CVE-2025-39735" }, { "name": "CVE-2025-27516", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27516" }, { "name": "CVE-2025-29087", "url": "https://www.cve.org/CVERecord?id=CVE-2025-29087" }, { "name": "CVE-2025-3277", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3277" }, { "name": "CVE-2025-4609", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4609" }, { "name": "CVE-2025-4664", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4664" }, { "name": "CVE-2025-4372", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4372" }, { "name": 
"CVE-2025-4516", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4516" }, { "name": "CVE-2025-22233", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233" }, { "name": "CVE-2024-55549", "url": "https://www.cve.org/CVERecord?id=CVE-2024-55549" }, { "name": "CVE-2024-9287", "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287" }, { "name": "CVE-2025-24855", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24855" }, { "name": "CVE-2025-4918", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4918" }, { "name": "CVE-2025-4919", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4919" }, { "name": "CVE-2025-41232", "url": "https://www.cve.org/CVERecord?id=CVE-2025-41232" }, { "name": "CVE-2025-23165", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23165" }, { "name": "CVE-2025-23166", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23166" }, { "name": "CVE-2025-5063", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5063" }, { "name": "CVE-2025-5064", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5064" }, { "name": "CVE-2025-5065", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5065" }, { "name": "CVE-2025-5066", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5066" }, { "name": "CVE-2025-5067", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5067" }, { "name": "CVE-2025-32414", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32414" }, { "name": "CVE-2025-32415", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32415" }, { "name": "CVE-2022-49728", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49728" }, { "name": "CVE-2024-58093", "url": "https://www.cve.org/CVERecord?id=CVE-2024-58093" }, { "name": "CVE-2025-22018", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22018" }, { "name": "CVE-2025-22020", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22020" }, { "name": "CVE-2025-22062", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22062" }, { "name": "CVE-2025-23145", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23145" }, { 
"name": "CVE-2025-37798", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37798" }, { "name": "CVE-2025-37749", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37749" }, { "name": "CVE-2025-22869", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869" }, { "name": "CVE-2025-5263", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5263" }, { "name": "CVE-2025-5264", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5264" }, { "name": "CVE-2025-5265", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5265" }, { "name": "CVE-2025-5266", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5266" }, { "name": "CVE-2025-5267", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5267" }, { "name": "CVE-2025-5268", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5268" }, { "name": "CVE-2025-5270", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5270" }, { "name": "CVE-2025-5271", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5271" }, { "name": "CVE-2025-5272", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5272" }, { "name": "CVE-2025-5281", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5281" }, { "name": "CVE-2025-5283", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5283" }, { "name": "CVE-2025-46701", "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701" }, { "name": "CVE-2025-22021", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22021" }, { "name": "CVE-2025-23140", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23140" }, { "name": "CVE-2025-23142", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23142" }, { "name": "CVE-2025-23144", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23144" }, { "name": "CVE-2025-23146", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23146" }, { "name": "CVE-2025-23147", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23147" }, { "name": "CVE-2025-23148", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23148" }, { "name": "CVE-2025-23150", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23150" }, 
{ "name": "CVE-2025-23151", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23151" }, { "name": "CVE-2025-23156", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23156" }, { "name": "CVE-2025-23157", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23157" }, { "name": "CVE-2025-23158", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23158" }, { "name": "CVE-2025-23159", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23159" }, { "name": "CVE-2025-23161", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23161" }, { "name": "CVE-2025-23163", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23163" }, { "name": "CVE-2025-37738", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37738" }, { "name": "CVE-2025-37739", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37739" }, { "name": "CVE-2025-37740", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37740" }, { "name": "CVE-2025-37741", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37741" }, { "name": "CVE-2025-37742", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37742" }, { "name": "CVE-2025-37756", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37756" }, { "name": "CVE-2025-37757", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37757" }, { "name": "CVE-2025-37758", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37758" }, { "name": "CVE-2025-37765", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37765" }, { "name": "CVE-2025-37766", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37766" }, { "name": "CVE-2025-37767", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37767" }, { "name": "CVE-2025-37768", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37768" }, { "name": "CVE-2025-37770", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37770" }, { "name": "CVE-2025-37771", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37771" }, { "name": "CVE-2025-37773", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37773" }, { "name": "CVE-2025-37780", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-37780" }, { "name": "CVE-2025-37781", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37781" }, { "name": "CVE-2025-37787", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37787" }, { "name": "CVE-2025-37788", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37788" }, { "name": "CVE-2025-37789", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37789" }, { "name": "CVE-2025-37790", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37790" }, { "name": "CVE-2025-37792", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37792" }, { "name": "CVE-2025-37794", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37794" }, { "name": "CVE-2025-37796", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37796" }, { "name": "CVE-2025-37797", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37797" }, { "name": "CVE-2025-37803", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37803" }, { "name": "CVE-2025-37805", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37805" }, { "name": "CVE-2025-37808", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37808" }, { "name": "CVE-2025-37810", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37810" }, { "name": "CVE-2025-37811", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37811" }, { "name": "CVE-2025-37812", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37812" }, { "name": "CVE-2025-37817", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37817" }, { "name": "CVE-2025-37823", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37823" }, { "name": "CVE-2025-37824", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37824" }, { "name": "CVE-2025-37829", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37829" }, { "name": "CVE-2025-37830", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37830" }, { "name": "CVE-2025-37836", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37836" }, { "name": "CVE-2025-37839", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37839" }, { "name": 
"CVE-2025-37840", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37840" }, { "name": "CVE-2025-37841", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37841" }, { "name": "CVE-2025-37844", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37844" }, { "name": "CVE-2025-37850", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37850" }, { "name": "CVE-2025-37851", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37851" }, { "name": "CVE-2025-37857", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37857" }, { "name": "CVE-2025-37858", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37858" }, { "name": "CVE-2025-37859", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37859" }, { "name": "CVE-2025-37862", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37862" }, { "name": "CVE-2025-37867", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37867" }, { "name": "CVE-2025-37871", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37871" }, { "name": "CVE-2025-37875", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37875" }, { "name": "CVE-2025-37881", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37881" }, { "name": "CVE-2025-37883", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37883" }, { "name": "CVE-2025-37885", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37885" }, { "name": "CVE-2025-37889", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37889" }, { "name": "CVE-2025-37892", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37892" }, { "name": "CVE-2025-37937", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37937" }, { "name": "CVE-2025-37940", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37940" }, { "name": "CVE-2025-37982", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37982" }, { "name": "CVE-2025-37983", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37983" }, { "name": "CVE-2025-37985", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37985" }, { "name": "CVE-2025-37989", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-37989" }, { "name": "CVE-2025-37819", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37819" }, { "name": "CVE-2025-37890", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37890" }, { "name": "CVE-2025-37905", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37905" }, { "name": "CVE-2025-37909", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37909" }, { "name": "CVE-2025-37911", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37911" }, { "name": "CVE-2025-37912", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37912" }, { "name": "CVE-2025-37913", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37913" }, { "name": "CVE-2025-37914", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37914" }, { "name": "CVE-2025-37915", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37915" }, { "name": "CVE-2025-37923", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37923" }, { "name": "CVE-2025-37927", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37927" }, { "name": "CVE-2025-37930", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37930" }, { "name": "CVE-2025-37932", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37932" }, { "name": "CVE-2025-37949", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37949" }, { "name": "CVE-2025-37964", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37964" }, { "name": "CVE-2025-37967", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37967" }, { "name": "CVE-2025-37969", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37969" }, { "name": "CVE-2025-37970", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37970" }, { "name": "CVE-2025-37990", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37990" }, { "name": "CVE-2025-37991", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37991" }, { "name": "CVE-2025-5068", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5068" }, { "name": "CVE-2025-5419", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5419" }, { "name": 
"CVE-2025-27144", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27144" }, { "name": "CVE-2025-49709", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49709" }, { "name": "CVE-2025-49710", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49710" }, { "name": "CVE-2023-6779", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6779" }, { "name": "CVE-2023-6780", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6780" }, { "name": "CVE-2024-12133", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12133" }, { "name": "CVE-2024-12243", "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243" }, { "name": "CVE-2024-2236", "url": "https://www.cve.org/CVERecord?id=CVE-2024-2236" }, { "name": "CVE-2024-56433", "url": "https://www.cve.org/CVERecord?id=CVE-2024-56433" }, { "name": "CVE-2025-0395", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0395" }, { "name": "CVE-2025-1390", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1390" }, { "name": "CVE-2025-29088", "url": "https://www.cve.org/CVERecord?id=CVE-2025-29088" }, { "name": "CVE-2025-31115", "url": "https://www.cve.org/CVERecord?id=CVE-2025-31115" }, { "name": "CVE-2025-4598", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4598" }, { "name": "CVE-2025-5958", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5958" }, { "name": "CVE-2025-5959", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5959" }, { "name": "CVE-2025-41234", "url": "https://www.cve.org/CVERecord?id=CVE-2025-41234" }, { "name": "CVE-2025-49146", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49146" }, { "name": "CVE-2025-48988", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48988" }, { "name": "CVE-2025-49124", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49124" }, { "name": "CVE-2025-49125", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49125" }, { "name": "CVE-2025-6191", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6191" }, { "name": "CVE-2025-6192", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6192" }, { 
"name": "CVE-2024-53427", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53427" }, { "name": "CVE-2024-56406", "url": "https://www.cve.org/CVERecord?id=CVE-2024-56406" }, { "name": "CVE-2025-22872", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872" }, { "name": "CVE-2025-4802", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802" }, { "name": "CVE-2022-49168", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49168" }, { "name": "CVE-2025-37998", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37998" }, { "name": "CVE-2023-42366", "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" }, { "name": "CVE-2025-6424", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6424" }, { "name": "CVE-2025-6425", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6425" }, { "name": "CVE-2025-6426", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6426" }, { "name": "CVE-2025-6427", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6427" }, { "name": "CVE-2025-6429", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6429" }, { "name": "CVE-2025-6430", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6430" }, { "name": "CVE-2025-6432", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6432" }, { "name": "CVE-2025-6433", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6433" }, { "name": "CVE-2025-6434", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6434" }, { "name": "CVE-2025-6020", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020" }, { "name": "CVE-2025-6555", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6555" }, { "name": "CVE-2025-6556", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6556" }, { "name": "CVE-2025-6557", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6557" }, { "name": "CVE-2025-6435", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6435" }, { "name": "CVE-2025-6436", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6436" }, { "name": "CVE-2025-6554", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6554" }, { "name": 
"CVE-2025-6021", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021" }, { "name": "CVE-2022-49636", "url": "https://www.cve.org/CVERecord?id=CVE-2022-49636" }, { "name": "CVE-2025-37997", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37997" }, { "name": "CVE-2025-38000", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38000" }, { "name": "CVE-2025-38001", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38001" }, { "name": "CVE-2025-32462", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32462" }, { "name": "CVE-2025-52520", "url": "https://www.cve.org/CVERecord?id=CVE-2025-52520" }, { "name": "CVE-2025-53506", "url": "https://www.cve.org/CVERecord?id=CVE-2025-53506" }, { "name": "CVE-2024-47081", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47081" }, { "name": "CVE-2025-3576", "url": "https://www.cve.org/CVERecord?id=CVE-2025-3576" }, { "name": "CVE-2025-47268", "url": "https://www.cve.org/CVERecord?id=CVE-2025-47268" }, { "name": "CVE-2025-37992", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37992" }, { "name": "CVE-2025-37994", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37994" }, { "name": "CVE-2025-37995", "url": "https://www.cve.org/CVERecord?id=CVE-2025-37995" }, { "name": "CVE-2025-38005", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38005" }, { "name": "CVE-2025-38009", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38009" }, { "name": "CVE-2025-38023", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38023" }, { "name": "CVE-2025-38024", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38024" }, { "name": "CVE-2025-38083", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38083" }, { "name": "CVE-2025-22227", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22227" }, { "name": "CVE-2025-6558", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6558" }, { "name": "CVE-2025-7656", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7656" }, { "name": "CVE-2025-7657", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-7657" }, { "name": "CVE-2025-30749", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749" }, { "name": "CVE-2025-30754", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754" }, { "name": "CVE-2025-50059", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059" }, { "name": "CVE-2025-50106", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106" }, { "name": "CVE-2025-50088", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50088" }, { "name": "CVE-2025-48734", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48734" }, { "name": "CVE-2022-21546", "url": "https://www.cve.org/CVERecord?id=CVE-2022-21546" }, { "name": "CVE-2020-16156", "url": "https://www.cve.org/CVERecord?id=CVE-2020-16156" }, { "name": "CVE-2025-8010", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8010" }, { "name": "CVE-2025-8011", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8011" }, { "name": "CVE-2025-8027", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8027" }, { "name": "CVE-2025-8028", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8028" }, { "name": "CVE-2025-8029", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8029" }, { "name": "CVE-2025-8030", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8030" }, { "name": "CVE-2025-8031", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8031" }, { "name": "CVE-2025-8032", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8032" }, { "name": "CVE-2025-8033", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8033" }, { "name": "CVE-2025-8034", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8034" }, { "name": "CVE-2025-8035", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8035" }, { "name": "CVE-2025-8036", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8036" }, { "name": "CVE-2025-8037", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8037" }, { "name": "CVE-2025-8038", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8038" }, { "name": "CVE-2025-8039", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-8039" }, { "name": "CVE-2025-8040", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8040" }, { "name": "CVE-2025-8041", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8041" }, { "name": "CVE-2025-8043", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8043" }, { "name": "CVE-2025-8044", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8044" }, { "name": "CVE-2024-23337", "url": "https://www.cve.org/CVERecord?id=CVE-2024-23337" }, { "name": "CVE-2024-45339", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45339" }, { "name": "CVE-2024-47611", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47611" }, { "name": "CVE-2025-0913", "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913" }, { "name": "CVE-2025-22874", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874" }, { "name": "CVE-2025-32988", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988" }, { "name": "CVE-2025-32989", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989" }, { "name": "CVE-2025-32990", "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990" }, { "name": "CVE-2025-38177", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38177" }, { "name": "CVE-2025-4673", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673" }, { "name": "CVE-2025-48060", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48060" }, { "name": "CVE-2025-4877", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4877" }, { "name": "CVE-2025-4878", "url": "https://www.cve.org/CVERecord?id=CVE-2025-4878" }, { "name": "CVE-2025-48924", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924" }, { "name": "CVE-2025-50181", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50181" }, { "name": "CVE-2025-5318", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5318" }, { "name": "CVE-2025-5372", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5372" }, { "name": "CVE-2025-5914", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5914" }, { "name": "CVE-2025-5915", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-5915" }, { "name": "CVE-2025-5916", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5916" }, { "name": "CVE-2025-5917", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5917" }, { "name": "CVE-2025-6069", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069" }, { "name": "CVE-2025-6395", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395" }, { "name": "CVE-2025-38094", "url": "https://www.cve.org/CVERecord?id=CVE-2025-38094" }, { "name": "CVE-2025-8194", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8194" }, { "name": "CVE-2025-8292", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8292" }, { "name": "CVE-2025-7424", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7424" }, { "name": "CVE-2025-7425", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7425" }, { "name": "CVE-2025-50182", "url": "https://www.cve.org/CVERecord?id=CVE-2025-50182" }, { "name": "CVE-2025-5889", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889" }, { "name": "CVE-2025-8576", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8576" }, { "name": "CVE-2025-8577", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8577" }, { "name": "CVE-2025-8578", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8578" }, { "name": "CVE-2025-8579", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8579" }, { "name": "CVE-2025-8580", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8580" }, { "name": "CVE-2025-8581", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8581" }, { "name": "CVE-2025-8582", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8582" }, { "name": "CVE-2025-8583", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8583" }, { "name": "CVE-2025-27210", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27210" }, { "name": "CVE-2025-27817", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27817" }, { "name": "CVE-2025-27818", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27818" }, { "name": "CVE-2025-8879", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-8879" }, { "name": "CVE-2025-8880", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8880" }, { "name": "CVE-2025-8881", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8881" }, { "name": "CVE-2025-8882", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8882" }, { "name": "CVE-2025-8901", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8901" }, { "name": "CVE-2025-48989", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48989" }, { "name": "CVE-2025-7339", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7339" }, { "name": "CVE-2025-7783", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7783" }, { "name": "CVE-2021-32256", "url": "https://www.cve.org/CVERecord?id=CVE-2021-32256" }, { "name": "CVE-2024-25260", "url": "https://www.cve.org/CVERecord?id=CVE-2024-25260" }, { "name": "CVE-2025-1371", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1371" }, { "name": "CVE-2025-1376", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1376" }, { "name": "CVE-2025-1377", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1377" }, { "name": "CVE-2025-47273", "url": "https://www.cve.org/CVERecord?id=CVE-2025-47273" }, { "name": "CVE-2025-48964", "url": "https://www.cve.org/CVERecord?id=CVE-2025-48964" }, { "name": "CVE-2025-49794", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49794" }, { "name": "CVE-2025-49796", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49796" }, { "name": "CVE-2025-41242", "url": "https://www.cve.org/CVERecord?id=CVE-2025-41242" }, { "name": "CVE-2025-9132", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9132" }, { "name": "CVE-2025-54988", "url": "https://www.cve.org/CVERecord?id=CVE-2025-54988" }, { "name": "CVE-2025-6965", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965" }, { "name": "CVE-2024-13009", "url": "https://www.cve.org/CVERecord?id=CVE-2024-13009" }, { "name": "CVE-2025-55668", "url": "https://www.cve.org/CVERecord?id=CVE-2025-55668" }, { "name": "CVE-2025-4674", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-4674" }, { "name": "CVE-2025-47907", "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907" }, { "name": "CVE-2025-52999", "url": "https://www.cve.org/CVERecord?id=CVE-2025-52999" }, { "name": "CVE-2025-55163", "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163" }, { "name": "CVE-2025-8941", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8941" }, { "name": "CVE-2025-9288", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288" }, { "name": "CVE-2005-2541", "url": "https://www.cve.org/CVERecord?id=CVE-2005-2541" }, { "name": "CVE-2008-5727", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5727" }, { "name": "CVE-2008-5728", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5728" }, { "name": "CVE-2008-5729", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5729" }, { "name": "CVE-2008-5730", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5730" }, { "name": "CVE-2008-5742", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5742" }, { "name": "CVE-2011-3374", "url": "https://www.cve.org/CVERecord?id=CVE-2011-3374" }, { "name": "CVE-2014-4715", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4715" }, { "name": "CVE-2015-2214", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2214" }, { "name": "CVE-2016-0682", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0682" }, { "name": "CVE-2016-0689", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0689" }, { "name": "CVE-2016-0692", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0692" }, { "name": "CVE-2016-0694", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0694" }, { "name": "CVE-2016-2149", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2149" }, { "name": "CVE-2016-2160", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2160" }, { "name": "CVE-2016-3418", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3418" }, { "name": "CVE-2017-10140", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10140" }, { "name": "CVE-2017-12195", "url": 
"https://www.cve.org/CVERecord?id=CVE-2017-12195" }, { "name": "CVE-2017-12629", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12629" }, { "name": "CVE-2017-3604", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3604" }, { "name": "CVE-2017-3605", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3605" }, { "name": "CVE-2017-3606", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3606" }, { "name": "CVE-2017-3607", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3607" }, { "name": "CVE-2017-3608", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3608" }, { "name": "CVE-2017-3609", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3609" }, { "name": "CVE-2017-3610", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3610" }, { "name": "CVE-2017-3611", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3611" }, { "name": "CVE-2017-3612", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3612" }, { "name": "CVE-2017-3613", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3613" }, { "name": "CVE-2017-3614", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3614" }, { "name": "CVE-2017-3615", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3615" }, { "name": "CVE-2017-3616", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3616" }, { "name": "CVE-2017-3617", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3617" }, { "name": "CVE-2018-1000169", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169" }, { "name": "CVE-2018-1196", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1196" }, { "name": "CVE-2018-1273", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1273" }, { "name": "CVE-2019-10782", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10782" }, { "name": "CVE-2019-9658", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9658" }, { "name": "CVE-2020-2981", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2981" }, { "name": "CVE-2021-20298", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20298" }, { "name": "CVE-2021-20304", "url": 
"https://www.cve.org/CVERecord?id=CVE-2021-20304" }, { "name": "CVE-2021-22055", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22055" }, { "name": "CVE-2021-23169", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23169" }, { "name": "CVE-2021-3236", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3236" }, { "name": "CVE-2022-0635", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0635" }, { "name": "CVE-2022-0667", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0667" }, { "name": "CVE-2022-3219", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3219" }, { "name": "CVE-2022-39046", "url": "https://www.cve.org/CVERecord?id=CVE-2022-39046" }, { "name": "CVE-2022-42010", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42010" }, { "name": "CVE-2022-42011", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42011" }, { "name": "CVE-2022-42012", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42012" }, { "name": "CVE-2022-44638", "url": "https://www.cve.org/CVERecord?id=CVE-2022-44638" }, { "name": "CVE-2023-31437", "url": "https://www.cve.org/CVERecord?id=CVE-2023-31437" }, { "name": "CVE-2023-31438", "url": "https://www.cve.org/CVERecord?id=CVE-2023-31438" }, { "name": "CVE-2023-31439", "url": "https://www.cve.org/CVERecord?id=CVE-2023-31439" }, { "name": "CVE-2023-37769", "url": "https://www.cve.org/CVERecord?id=CVE-2023-37769" }, { "name": "CVE-2023-39810", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39810" }, { "name": "CVE-2023-4156", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4156" }, { "name": "CVE-2023-4320", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4320" }, { "name": "CVE-2023-43785", "url": "https://www.cve.org/CVERecord?id=CVE-2023-43785" }, { "name": "CVE-2023-43786", "url": "https://www.cve.org/CVERecord?id=CVE-2023-43786" }, { "name": "CVE-2023-43787", "url": "https://www.cve.org/CVERecord?id=CVE-2023-43787" }, { "name": "CVE-2023-46129", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46129" }, { "name": 
"CVE-2023-47039", "url": "https://www.cve.org/CVERecord?id=CVE-2023-47039" }, { "name": "CVE-2023-5189", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5189" }, { "name": "CVE-2024-11584", "url": "https://www.cve.org/CVERecord?id=CVE-2024-11584" }, { "name": "CVE-2024-21742", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21742" }, { "name": "CVE-2024-22047", "url": "https://www.cve.org/CVERecord?id=CVE-2024-22047" }, { "name": "CVE-2024-2397", "url": "https://www.cve.org/CVERecord?id=CVE-2024-2397" }, { "name": "CVE-2024-26462", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26462" }, { "name": "CVE-2024-31047", "url": "https://www.cve.org/CVERecord?id=CVE-2024-31047" }, { "name": "CVE-2024-3220", "url": "https://www.cve.org/CVERecord?id=CVE-2024-3220" }, { "name": "CVE-2024-58251", "url": "https://www.cve.org/CVERecord?id=CVE-2024-58251" }, { "name": "CVE-2024-6174", "url": "https://www.cve.org/CVERecord?id=CVE-2024-6174" }, { "name": "CVE-2024-7012", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7012" }, { "name": "CVE-2025-1352", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1352" }, { "name": "CVE-2025-1365", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1365" }, { "name": "CVE-2025-1372", "url": "https://www.cve.org/CVERecord?id=CVE-2025-1372" }, { "name": "CVE-2025-24294", "url": "https://www.cve.org/CVERecord?id=CVE-2025-24294" }, { "name": "CVE-2025-26519", "url": "https://www.cve.org/CVERecord?id=CVE-2025-26519" }, { "name": "CVE-2025-27587", "url": "https://www.cve.org/CVERecord?id=CVE-2025-27587" }, { "name": "CVE-2025-30258", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30258" }, { "name": "CVE-2025-31672", "url": "https://www.cve.org/CVERecord?id=CVE-2025-31672" }, { "name": "CVE-2025-40909", "url": "https://www.cve.org/CVERecord?id=CVE-2025-40909" }, { "name": "CVE-2025-43857", "url": "https://www.cve.org/CVERecord?id=CVE-2025-43857" }, { "name": "CVE-2025-45582", "url": "https://www.cve.org/CVERecord?id=CVE-2025-45582" }, { 
"name": "CVE-2025-45768", "url": "https://www.cve.org/CVERecord?id=CVE-2025-45768" }, { "name": "CVE-2025-46392", "url": "https://www.cve.org/CVERecord?id=CVE-2025-46392" }, { "name": "CVE-2025-46394", "url": "https://www.cve.org/CVERecord?id=CVE-2025-46394" }, { "name": "CVE-2025-49795", "url": "https://www.cve.org/CVERecord?id=CVE-2025-49795" }, { "name": "CVE-2025-5115", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5115" }, { "name": "CVE-2025-5222", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5222" }, { "name": "CVE-2025-5278", "url": "https://www.cve.org/CVERecord?id=CVE-2025-5278" }, { "name": "CVE-2025-53864", "url": "https://www.cve.org/CVERecord?id=CVE-2025-53864" }, { "name": "CVE-2025-6170", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6170" }, { "name": "CVE-2025-6297", "url": "https://www.cve.org/CVERecord?id=CVE-2025-6297" }, { "name": "CVE-2025-7962", "url": "https://www.cve.org/CVERecord?id=CVE-2025-7962" }, { "name": "CVE-2025-8058", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8058" }, { "name": "CVE-2025-8262", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8262" }, { "name": "CVE-2025-8732", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8732" }, { "name": "CVE-2025-8885", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8885" }, { "name": "CVE-2025-8916", "url": "https://www.cve.org/CVERecord?id=CVE-2025-8916" }, { "name": "CVE-2025-9179", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9179" }, { "name": "CVE-2025-9180", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9180" }, { "name": "CVE-2025-9181", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9181" }, { "name": "CVE-2025-9182", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9182" }, { "name": "CVE-2025-9183", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9183" }, { "name": "CVE-2025-9184", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9184" }, { "name": "CVE-2025-9185", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9185" }, { "name": 
"CVE-2025-9187", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9187" }, { "name": "CVE-2025-9308", "url": "https://www.cve.org/CVERecord?id=CVE-2025-9308" } ], "initial_release_date": "2025-09-05T00:00:00", "last_revision_date": "2025-09-05T00:00:00", "links": [], "reference": "CERTFR-2025-AVI-0756", "revisions": [ { "description": "Version initiale", "revision_date": "2025-09-05T00:00:00.000000" } ], "risks": [ { "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.", "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware", "vendor_advisories": [ { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36093", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36102", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36101", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36100", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36105", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36091", "url": 
"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36078", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36107", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36094", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36097", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36108", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36095", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36096", "url": 
"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36106", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36109", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36098", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36103", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36099", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36092", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092" }, { "published_at": "2025-09-04", "title": "Bulletin de s\u00e9curit\u00e9 VMware 36110", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110" } ] }
wid-sec-w-2025-2251
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat OpenShift GitOps ist eine L\u00f6sung, die Git als Single Source of Truth f\u00fcr die deklarative Infrastruktur- und Anwendungsbereitstellung in OpenShift-Clustern nutzt.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift GitOps ausnutzen, um Daten zu manipulieren, falsche Informationen darzustellen, oder einen Denial of Service zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2025-2251 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2251.json" }, { "category": "self", "summary": "WID-SEC-2025-2251 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2251" }, { "category": "external", "summary": "Red Hat Security Advisory vom 2025-10-09", "url": "https://access.redhat.com/errata/RHSA-2025:17731" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2025:18093 vom 2025-10-15", "url": 
"https://access.redhat.com/errata/RHSA-2025:18093" } ], "source_lang": "en-US", "title": "Red Hat OpenShift GitOps: Mehrere Schwachstellen", "tracking": { "current_release_date": "2025-10-15T22:00:00.000+00:00", "generator": { "date": "2025-10-16T09:43:25.495+00:00", "engine": { "name": "BSI-WID", "version": "1.4.0" } }, "id": "WID-SEC-W-2025-2251", "initial_release_date": "2025-10-09T22:00:00.000+00:00", "revision_history": [ { "date": "2025-10-09T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2025-10-15T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "branches": [ { "category": "product_version_range", "name": "\u003c1.17.2", "product": { "name": "Red Hat OpenShift GitOps \u003c1.17.2", "product_id": "T047551" } }, { "category": "product_version", "name": "1.17.2", "product": { "name": "Red Hat OpenShift GitOps 1.17.2", "product_id": "T047551-fixed", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_gitops:1.17.2" } } } ], "category": "product_name", "name": "OpenShift GitOps" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "product_status": { "known_affected": [ "67646", "T047551" ] }, "release_date": "2025-10-09T22:00:00.000+00:00", "title": "CVE-2025-22874" }, { "cve": "CVE-2025-47907", "product_status": { "known_affected": [ "67646", "T047551" ] }, "release_date": "2025-10-09T22:00:00.000+00:00", "title": "CVE-2025-47907" }, { "cve": "CVE-2025-59531", "product_status": { "known_affected": [ "67646", "T047551" ] }, "release_date": "2025-10-09T22:00:00.000+00:00", "title": "CVE-2025-59531" }, { "cve": 
"CVE-2025-59537", "product_status": { "known_affected": [ "67646", "T047551" ] }, "release_date": "2025-10-09T22:00:00.000+00:00", "title": "CVE-2025-59537" }, { "cve": "CVE-2025-59538", "product_status": { "known_affected": [ "67646", "T047551" ] }, "release_date": "2025-10-09T22:00:00.000+00:00", "title": "CVE-2025-59538" } ] }
wid-sec-w-2025-1205
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Go ist eine quelloffene Programmiersprache.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder weitere nicht spezifizierte Auswirkungen zu erziehlen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2025-1205 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1205.json" }, { "category": "self", "summary": "WID-SEC-2025-1205 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1205" }, { "category": "external", "summary": "Go 1.24.4 and Go 1.23.10 pre-announcement vom 2025-06-01", "url": "https://groups.google.com/g/Golang-Nuts/c/T9FCA0Vz5DU" }, { "category": "external", "summary": "Golang GitHub vom 2025-06-01", "url": "https://github.com/golang/go/commit/adcad7bea9f6933a219c7b05d8173cf8a4586092" }, { "category": "external", "summary": "Golang GitHub vom 2025-06-01", "url": 
"https://github.com/golang/go/commit/9bba799955e68972041c4f340ee4ea2d267e5c0e" }, { "category": "external", "summary": "Golang GitHub vom 2025-06-01", "url": "https://github.com/golang/go/issues/73816" }, { "category": "external", "summary": "Golang Announce", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A/m/XDxq7uidAgAJ" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2025:01848-1 vom 2025-06-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021439.html" }, { "category": "external", "summary": "Arch Linux Security Advisory ASA-202506-4 vom 2025-06-07", "url": "https://security.archlinux.org/ASA-202506-4" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2025:01846-1 vom 2025-06-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021440.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7574-1 vom 2025-06-19", "url": "https://ubuntu.com/security/notices/USN-7574-1" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2025-2900 vom 2025-06-24", "url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2900.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2025:02120-1 vom 2025-06-26", "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021667.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2-2025-2900 vom 2025-06-30", "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2900.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2025:10676 vom 2025-07-09", "url": "https://access.redhat.com/errata/RHSA-2025:10676" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2025:10672 vom 2025-07-09", "url": "https://access.redhat.com/errata/RHSA-2025:10672" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2025:10677 vom 2025-07-09", "url": 
"https://access.redhat.com/errata/RHSA-2025:10677" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2025-10676 vom 2025-07-09", "url": "https://linux.oracle.com/errata/ELSA-2025-10676.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2025:10735 vom 2025-07-09", "url": "https://access.redhat.com/errata/RHSA-2025:10735" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2-2025-2922 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2922.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-073 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-073.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-075 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-075.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-072 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-072.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-074 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-074.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2-2025-2921 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2921.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-067 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-067.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-069 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-069.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-070 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-070.html" }, { "category": 
"external", "summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-071 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-071.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-066 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-066.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2025-10677 vom 2025-07-10", "url": "https://linux.oracle.com/errata/ELSA-2025-10677.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-068 vom 2025-07-10", "url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-068.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2025-10672 vom 2025-07-16", "url": "https://linux.oracle.com/errata/ELSA-2025-10672.html" }, { "category": "external", "summary": "openSUSE Security Update OPENSUSE-SU-2025:15379-1 vom 2025-07-25", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OXBEI4HV3ZI5QUREZ6X2EFASXDURBHCX/" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2ECS-2025-072 vom 2025-07-30", "url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-072.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2ECS-2025-074 vom 2025-07-30", "url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-074.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2ECS-2025-073 vom 2025-07-30", "url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-073.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2ECS-2025-071 vom 2025-07-30", "url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-071.html" }, { "category": "external", "summary": "IBM Security Bulletin 7241536 vom 2025-08-06", "url": "https://www.ibm.com/support/pages/node/7241536" }, { "category": "external", "summary": "Red Hat 
Security Advisory RHSA-2025:13931 vom 2025-08-15", "url": "https://access.redhat.com/errata/RHSA-2025:13931" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2025:13932 vom 2025-08-15", "url": "https://access.redhat.com/errata/RHSA-2025:13932" } ], "source_lang": "en-US", "title": "Golang Go: Mehrere Schwachstellen", "tracking": { "current_release_date": "2025-08-14T22:00:00.000+00:00", "generator": { "date": "2025-08-15T07:22:13.177+00:00", "engine": { "name": "BSI-WID", "version": "1.4.0" } }, "id": "WID-SEC-W-2025-1205", "initial_release_date": "2025-06-01T22:00:00.000+00:00", "revision_history": [ { "date": "2025-06-01T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2025-06-05T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates aufgenommen" }, { "date": "2025-06-09T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE und Arch Linux aufgenommen" }, { "date": "2025-06-11T22:00:00.000+00:00", "number": "4", "summary": "Referenz(en) aufgenommen: GO-2025-3750, GO-2025-3749, GO-2025-3751" }, { "date": "2025-06-19T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2025-06-24T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2025-06-26T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2025-06-30T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2025-07-08T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2025-07-09T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2025-07-10T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Amazon und Oracle Linux aufgenommen" }, { "date": "2025-07-15T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { 
"date": "2025-07-27T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von openSUSE aufgenommen" }, { "date": "2025-07-30T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2025-08-06T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2025-08-14T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "16" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Golang Go", "product": { "name": "Golang Go", "product_id": "T029035", "product_identification_helper": { "cpe": "cpe:/a:golang:go:-" } } }, { "category": "product_version_range", "name": "\u003c1.24.4", "product": { "name": "Golang Go \u003c1.24.4", "product_id": "T044243" } }, { "category": "product_version", "name": "1.24.4", "product": { "name": "Golang Go 1.24.4", "product_id": "T044243-fixed", "product_identification_helper": { "cpe": "cpe:/a:golang:go:1.24.4" } } }, { "category": "product_version_range", "name": "\u003c1.23.10", "product": { "name": "Golang Go \u003c1.23.10", "product_id": "T044244" } }, { "category": "product_version", "name": "1.23.10", "product": { "name": "Golang Go 1.23.10", "product_id": "T044244-fixed", "product_identification_helper": { "cpe": "cpe:/a:golang:go:1.23.10" } } } ], "category": "product_name", "name": "Go" } ], "category": "vendor", "name": "Golang" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c12.14.0", "product": { "name": "IBM App Connect Enterprise \u003c12.14.0", "product_id": "T045927" } }, { "category": "product_version", "name": "12.14.0", 
"product": { "name": "IBM App Connect Enterprise 12.14.0", "product_id": "T045927-fixed", "product_identification_helper": { "cpe": "cpe:/a:ibm:app_connect_enterprise:12.14.0" } } }, { "category": "product_version_range", "name": "\u003cLTS 12.0.14", "product": { "name": "IBM App Connect Enterprise \u003cLTS 12.0.14", "product_id": "T045928" } }, { "category": "product_version", "name": "LTS 12.0.14", "product": { "name": "IBM App Connect Enterprise LTS 12.0.14", "product_id": "T045928-fixed", "product_identification_helper": { "cpe": "cpe:/a:ibm:app_connect_enterprise:lts_12.0.14" } } } ], "category": "product_name", "name": "App Connect Enterprise" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Open Source Arch Linux", "product": { "name": "Open Source Arch Linux", "product_id": "T013312", "product_identification_helper": { "cpe": "cpe:/o:archlinux:archlinux:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "branches": [ { "category": "product_version", "name": "Builds 1.5.1", "product": { "name": "Red Hat OpenShift Builds 1.5.1", "product_id": "T046264", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:builds_1.5.1" } } } ], "category": "product_name", "name": "OpenShift" } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": 
"cpe:/o:suse:suse_linux:-" } } }, { "category": "product_name", "name": "SUSE openSUSE", "product": { "name": "SUSE openSUSE", "product_id": "T027843", "product_identification_helper": { "cpe": "cpe:/o:suse:opensuse:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-0913", "product_status": { "known_affected": [ "T029035", "67646", "T013312", "T045927", "T045928", "T004914", "T002207", "T000126", "T027843", "T046264", "398363", "T044243", "T044244" ] }, "release_date": "2025-06-01T22:00:00.000+00:00", "title": "CVE-2025-0913" }, { "cve": "CVE-2025-22874", "product_status": { "known_affected": [ "T029035", "67646", "T013312", "T045927", "T045928", "T004914", "T002207", "T000126", "T027843", "T046264", "398363", "T044243", "T044244" ] }, "release_date": "2025-06-01T22:00:00.000+00:00", "title": "CVE-2025-22874" }, { "cve": "CVE-2025-4673", "product_status": { "known_affected": [ "T029035", "67646", "T013312", "T045927", "T045928", "T004914", "T002207", "T000126", "T027843", "T046264", "398363", "T044243", "T044244" ] }, "release_date": "2025-06-01T22:00:00.000+00:00", "title": "CVE-2025-4673" } ] }
opensuse-su-2025:15225-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "govulncheck-vulndb-0.0.20250612T141001-1.1 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250612T141001-1.1 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2025-15225", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15225-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2020-36846 page", "url": "https://www.suse.com/security/cve/CVE-2020-36846/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-31022 page", "url": "https://www.suse.com/security/cve/CVE-2022-31022/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-42818 page", "url": "https://www.suse.com/security/cve/CVE-2023-42818/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-0913 page", "url": "https://www.suse.com/security/cve/CVE-2025-0913/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-1792 page", "url": 
"https://www.suse.com/security/cve/CVE-2025-1792/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-22874 page", "url": "https://www.suse.com/security/cve/CVE-2025-22874/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-25207 page", "url": "https://www.suse.com/security/cve/CVE-2025-25207/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-25208 page", "url": "https://www.suse.com/security/cve/CVE-2025-25208/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-2571 page", "url": "https://www.suse.com/security/cve/CVE-2025-2571/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-29785 page", "url": "https://www.suse.com/security/cve/CVE-2025-29785/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-3230 page", "url": "https://www.suse.com/security/cve/CVE-2025-3230/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-3260 page", "url": "https://www.suse.com/security/cve/CVE-2025-3260/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-3454 page", "url": "https://www.suse.com/security/cve/CVE-2025-3454/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-3611 page", "url": "https://www.suse.com/security/cve/CVE-2025-3611/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-3913 page", "url": "https://www.suse.com/security/cve/CVE-2025-3913/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-4128 page", "url": "https://www.suse.com/security/cve/CVE-2025-4128/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-4573 page", "url": "https://www.suse.com/security/cve/CVE-2025-4573/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-4673 page", "url": "https://www.suse.com/security/cve/CVE-2025-4673/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-47950 page", "url": "https://www.suse.com/security/cve/CVE-2025-47950/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-48494 page", "url": "https://www.suse.com/security/cve/CVE-2025-48494/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-48495 
page", "url": "https://www.suse.com/security/cve/CVE-2025-48495/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-48710 page", "url": "https://www.suse.com/security/cve/CVE-2025-48710/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-48865 page", "url": "https://www.suse.com/security/cve/CVE-2025-48865/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-48938 page", "url": "https://www.suse.com/security/cve/CVE-2025-48938/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-48948 page", "url": "https://www.suse.com/security/cve/CVE-2025-48948/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-48949 page", "url": "https://www.suse.com/security/cve/CVE-2025-48949/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-49011 page", "url": "https://www.suse.com/security/cve/CVE-2025-49011/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-49136 page", "url": "https://www.suse.com/security/cve/CVE-2025-49136/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-49140 page", "url": "https://www.suse.com/security/cve/CVE-2025-49140/" } ], "title": "govulncheck-vulndb-0.0.20250612T141001-1.1 on GA media", "tracking": { "current_release_date": "2025-07-03T00:00:00Z", "generator": { "date": "2025-07-03T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2025:15225-1", "initial_release_date": "2025-07-03T00:00:00Z", "revision_history": [ { "date": "2025-07-03T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "product": { "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "product_id": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": 
"govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "product": { "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "product_id": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "product": { "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "product_id": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64", "product": { "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64", "product_id": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64" }, "product_reference": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le" }, "product_reference": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": 
"default_component_of", "full_product_name": { "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x" }, "product_reference": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" }, "product_reference": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-36846", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2020-36846" } ], "notes": [ { "category": "general", "text": "A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a \"one-shot\" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your IO::Compress::Brotli module to 0.007 or later. 
If one cannot update, we recommend to use the \"streaming\" API as opposed to the \"one-shot\" API, and impose chunk size limits.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2020-36846", "url": "https://www.suse.com/security/cve/CVE-2020-36846" }, { "category": "external", "summary": "SUSE Bug 1175825 for CVE-2020-36846", "url": "https://bugzilla.suse.com/1175825" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "critical" } ], "title": "CVE-2020-36846" }, { "cve": "CVE-2022-31022", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2022-31022" } ], "notes": [ { "category": "general", "text": "Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node\u0027s filesystem where the bleve index resides, if the user has used bleve\u0027s own HTTP (bleve/http) handlers for exposing the access to the indexes. 
For instance, the CreateIndexHandler (`http/index_create.go`) and DeleteIndexHandler (`http/index_delete.go`) enable an attacker to create a bleve index (directory structure) anywhere where the user running the server has the write permissions and to delete recursively any directory owned by the same user account. Users who have used the bleve/http package for exposing access to bleve index without the explicit \nhandling for the Role Based Access Controls (RBAC) of the index assets would be impacted by this issue. Version 2.5.0 relocated the `http/` dir used _only_ by bleve-explorer to `blevesearch/bleve-explorer`, thereby addressing the issue. However, the http package is purely intended to be used for demonstration purposes. Bleve was never designed to handle the RBACs, nor was it ever advertised to be used in that way. The collaborators of this project have decided to stay away from adding any authentication or authorization to bleve project at the moment. The bleve/http package is mainly for demonstration purposes and it lacks exhaustive validation of the user inputs as well as any authentication and authorization measures. 
It is recommended to not use bleve/http in production use cases.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2022-31022", "url": "https://www.suse.com/security/cve/CVE-2022-31022" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2022-31022" }, { "cve": "CVE-2023-42818", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-42818" } ], "notes": [ { "category": "general", "text": "JumpServer is an open source bastion host. 
When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication against the SSH service. This issue has been patched in versions 3.6.5 and 3.5.6. Users are advised to upgrade. There are no known workarounds for this issue.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-42818", "url": "https://www.suse.com/security/cve/CVE-2023-42818" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "critical" } ], "title": 
"CVE-2023-42818" }, { "cve": "CVE-2025-0913", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-0913" } ], "notes": [ { "category": "general", "text": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-0913", "url": "https://www.suse.com/security/cve/CVE-2025-0913" }, { "category": "external", "summary": "SUSE Bug 1244157 for CVE-2025-0913", "url": "https://bugzilla.suse.com/1244157" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE 
Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-0913" }, { "cve": "CVE-2025-1792", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-1792" } ], "notes": [ { "category": "general", "text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-1792", "url": "https://www.suse.com/security/cve/CVE-2025-1792" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "low" } ], 
"title": "CVE-2025-1792" }, { "cve": "CVE-2025-22874", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-22874" } ], "notes": [ { "category": "general", "text": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-22874", "url": "https://www.suse.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "SUSE Bug 1244158 for CVE-2025-22874", "url": "https://bugzilla.suse.com/1244158" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE 
Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-22874" }, { "cve": "CVE-2025-25207", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-25207" } ], "notes": [ { "category": "general", "text": "The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with developer persona access can add a large number of those callbacks to be executed by Authorino and as the authentication policy is enforced by a single instance of the service, this leads to a Denial of Service in Authorino while processing the post-authorization callbacks.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-25207", "url": "https://www.suse.com/security/cve/CVE-2025-25207" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": 
"2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-25207" }, { "cve": "CVE-2025-25208", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-25208" } ], "notes": [ { "category": "general", "text": "A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-25208", "url": "https://www.suse.com/security/cve/CVE-2025-25208" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-25208" }, { "cve": "CVE-2025-2571", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-2571" } ], "notes": [ { "category": "general", "text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to gain unauthorized access to bot accounts via the Google OAuth signup flow.", "title": "CVE 
description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-2571", "url": "https://www.suse.com/security/cve/CVE-2025-2571" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-2571" }, { "cve": "CVE-2025-29785", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-29785" } ], "notes": [ { "category": "general", "text": "quic-go is an implementation of the QUIC protocol in Go. The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different remote addresses (thereby triggering the newly added path validation logic: the server sends path probe packets), and then sending ACKs for packets received from the server specifically crafted to trigger the nil-pointer dereference. v0.50.1 contains a patch that fixes the vulnerability. 
This release contains a test that generates random sequences of sent packets (both regular and path probe packets), that was used to verify that the patch actually covers all corner cases. No known workarounds are available.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-29785", "url": "https://www.suse.com/security/cve/CVE-2025-29785" }, { "category": "external", "summary": "SUSE Bug 1243936 for CVE-2025-29785", "url": "https://bugzilla.suse.com/1243936" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-29785" }, { "cve": "CVE-2025-3230", "ids": [ { "system_name": 
"SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-3230" } ], "notes": [ { "category": "general", "text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-3230", "url": "https://www.suse.com/security/cve/CVE-2025-3230" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-3230" }, { "cve": "CVE-2025-3260", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-3260" } ], "notes": [ { "category": "general", "text": "A security vulnerability in the /apis/dashboard.grafana.app/* endpoints allows authenticated users to bypass dashboard and folder permissions. 
The vulnerability affects all API versions (v0alpha1, v1alpha1, v2alpha1).\n\nImpact:\n\n- Viewers can view all dashboards/folders regardless of permissions\n\n- Editors can view/edit/delete all dashboards/folders regardless of permissions\n\n- Editors can create dashboards in any folder regardless of permissions\n\n- Anonymous users with viewer/editor roles are similarly affected\n\nOrganization isolation boundaries remain intact. The vulnerability only affects dashboard access and does not grant access to datasources.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-3260", "url": "https://www.suse.com/security/cve/CVE-2025-3260" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], 
"threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-3260" }, { "cve": "CVE-2025-3454", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-3454" } ], "notes": [ { "category": "general", "text": "This vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-3454", "url": "https://www.suse.com/security/cve/CVE-2025-3454" }, { "category": "external", "summary": "SUSE Bug 1241683 for CVE-2025-3454", "url": "https://bugzilla.suse.com/1241683" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", 
"version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-3454" }, { "cve": "CVE-2025-3611", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-3611" } ], "notes": [ { "category": "general", "text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team endpoints, even when explicitly configured with \u0027No access\u0027 to Teams in the System Console.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-3611", "url": "https://www.suse.com/security/cve/CVE-2025-3611" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE 
Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "low" } ], "title": "CVE-2025-3611" }, { "cve": "CVE-2025-3913", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-3913" } ], "notes": [ { "category": "general", "text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the \u0027invite user\u0027 permission to access and modify team invite IDs via the /api/v4/teams/:teamId/privacy endpoint.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-3913", "url": "https://www.suse.com/security/cve/CVE-2025-3913" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-3913" }, { "cve": "CVE-2025-4128", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-4128" } ], "notes": [ { "category": 
"general", "text": "Mattermost versions 10.5.x \u003c= 10.5.4, 9.11.x \u003c= 9.11.13 fail to properly restrict API access to team information, allowing guest users to bypass permissions and view information about public teams they are not members of via a direct API call to /api/v4/teams/{team_id}.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-4128", "url": "https://www.suse.com/security/cve/CVE-2025-4128" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "low" } ], "title": "CVE-2025-4128" }, { "cve": "CVE-2025-4573", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-4573" } ], "notes": [ { "category": "general", "text": "Mattermost versions 10.7.x \u003c= 10.7.1, 10.6.x \u003c= 10.6.3, 10.5.x \u003c= 10.5.4, 9.11.x \u003c= 9.11.13 fail to properly validate LDAP group ID attributes, allowing an authenticated administrator with PermissionSysconsoleWriteUserManagementGroups permission to execute LDAP search filter injection via the PUT /api/v4/ldap/groups/{remote_id}/link API when objectGUID is configured as the 
Group ID Attribute.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-4573", "url": "https://www.suse.com/security/cve/CVE-2025-4573" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-4573" }, { "cve": "CVE-2025-4673", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-4673" } ], "notes": [ { "category": "general", "text": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-4673", "url": "https://www.suse.com/security/cve/CVE-2025-4673" }, { "category": "external", "summary": "SUSE 
Bug 1244156 for CVE-2025-4673", "url": "https://bugzilla.suse.com/1244156" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-4673" }, { "cve": "CVE-2025-47950", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-47950" } ], "notes": [ { "category": "general", "text": "CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service (DoS) vulnerability exists in the CoreDNS DNS-over-QUIC (DoQ) server implementation. The server previously created a new goroutine for every incoming QUIC stream without imposing any limits on the number of concurrent streams or goroutines. A remote, unauthenticated attacker could open a large number of streams, leading to uncontrolled memory consumption and eventually causing an Out Of Memory (OOM) crash - especially in containerized or memory-constrained environments. 
The patch in version 1.12.2 introduces two key mitigation mechanisms: `max_streams`, which caps the number of concurrent QUIC streams per connection with a default value of `256`; and `worker_pool_size`, which Introduces a server-wide, bounded worker pool to process incoming streams with a default value of `1024`. This eliminates the 1:1 stream-to-goroutine model and ensures that CoreDNS remains resilient under high concurrency. Some workarounds are available for those who are unable to upgrade. Disable QUIC support by removing or commenting out the `quic://` block in the Corefile, use container runtime resource limits to detect and isolate excessive memory usage, and/or monitor QUIC connection patterns and alert on anomalies.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-47950", "url": "https://www.suse.com/security/cve/CVE-2025-47950" }, { "category": "external", "summary": "SUSE Bug 1244331 for CVE-2025-47950", "url": "https://bugzilla.suse.com/1244331" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-47950" }, { "cve": "CVE-2025-48494", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-48494" } ], "notes": [ { "category": "general", "text": "Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. When using end-to-end encryption, a stored cross-site scripting vulnerability can be exploited by uploading a file with JavaScript code embedded in the filename. After upload and every time someone opens the upload list, the script is then parsed. Prior to version 2.0.0, there was no user permission system implemented, therefore all authenticated users were already able to see and modify all resources, even if end-to-end encrypted, as the encryption key had to be the same for all users using a version prior to 2.0.0. If a user is the only authenticated user using Gokapi, they are not affected. This issue has been fixed in v2.0.0. 
A possible workaround would be to disable end-to-end encryption.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-48494", "url": "https://www.suse.com/security/cve/CVE-2025-48494" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-48494" }, { "cve": "CVE-2025-48495", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-48495" } ], "notes": [ { "category": "general", "text": "Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. By renaming the friendly name of an API key, an authenticated user could inject JS into the API key overview, which would also be executed when another user clicks on his API tab. Prior to version 2.0.0, there was no user permission system implemented, therefore all authenticated users were already able to see and modify all resources, even if end-to-end encrypted, as the encryption key had to be the same for all users of versions prior to 2.0.0. If a user is the only authenticated user using Gokapi, they are not affected. 
This issue has been fixed in v2.0.0. A workaround would be to not open the API page if it is possible that another user might have injected code.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-48495", "url": "https://www.suse.com/security/cve/CVE-2025-48495" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-48495" }, { "cve": "CVE-2025-48710", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-48710" } ], "notes": [ { "category": "general", "text": "kro (Kube Resource Orchestrator) 0.1.0 before 0.2.1 allows users (with permission to create or modify ResourceGraphDefinition resources) to supply arbitrary container images. 
This can lead to a confused-deputy scenario where kro\u0027s controllers deploy and run attacker-controlled images, resulting in unauthenticated remote code execution on cluster nodes.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-48710", "url": "https://www.suse.com/security/cve/CVE-2025-48710" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-48710" }, { "cve": "CVE-2025-48865", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-48865" } ], "notes": [ { "category": "general", "text": "Fabio is an HTTP(S) and TCP router for deploying applications managed by consul. Prior to version 1.6.6, Fabio allows clients to remove X-Forwarded headers (except X-Forwarded-For) due to a vulnerability in how it processes hop-by-hop headers. Fabio adds HTTP headers like X-Forwarded-Host and X-Forwarded-Port when routing requests to backend applications. 
Since the receiving application should trust these headers, allowing HTTP clients to remove or modify them creates potential security vulnerabilities. Some of these custom headers can be removed and, in certain cases, manipulated. The attack relies on the behavior that headers can be defined as hop-by-hop via the HTTP Connection header. This issue has been patched in version 1.6.6.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-48865", "url": "https://www.suse.com/security/cve/CVE-2025-48865" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "critical" } ], "title": "CVE-2025-48865" }, { "cve": 
"CVE-2025-48938", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-48938" } ], "notes": [ { "category": "general", "text": "go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user\u0027s machine by replacing HTTP URLs provided by GitHub with local file paths for browsing. In `2.12.1`, `Browser.Browse()` has been enhanced to allow and disallow a variety of scenarios to avoid opening or executing files on the filesystem without unduly impacting HTTP URLs. No known workarounds are available other than upgrading.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-48938", "url": "https://www.suse.com/security/cve/CVE-2025-48938" }, { "category": "external", "summary": "SUSE Bug 1243930 for CVE-2025-48938", "url": "https://bugzilla.suse.com/1243930" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "low" } ], 
"title": "CVE-2025-48938" }, { "cve": "CVE-2025-48948", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-48948" } ], "notes": [ { "category": "general", "text": "Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating, modifying, and deleting transcoding settings. In the threat model where administrators are trusted but regular users are not, this vulnerability represents a significant security risk when transcoding is enabled. Version 0.56.0 patches the issue.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-48948", "url": "https://www.suse.com/security/cve/CVE-2025-48948" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-48948" }, { "cve": "CVE-2025-48949", "ids": [ { "system_name": "SUSE CVE Page", "text": 
"https://www.suse.com/security/cve/CVE-2025-48949" } ], "notes": [ { "category": "general", "text": "Navidrome is an open source web-based music collection server and streamer. Versions 0.55.0 through 0.55.2 have a vulnerability due to improper input validation on the `role` parameter within the API endpoint `/api/artist`. Attackers can exploit this flaw to inject arbitrary SQL queries, potentially gaining unauthorized access to the backend database and compromising sensitive user information. Version 0.56.0 contains a patch for the issue.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-48949", "url": "https://www.suse.com/security/cve/CVE-2025-48949" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-48949" }, { "cve": "CVE-2025-49011", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-49011" } ], "notes": [ { "category": "general", "text": "SpiceDB is an open source database for storing and querying fine-grained authorization data. 
Prior to version 1.44.2, on schemas involving arrows with caveats on the arrow\u0027ed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, requests may return a negative response when a positive response is expected. Version 1.44.2 fixes the issue. As a workaround, do not use caveats in the schema over an arrow\u0027ed relation.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-49011", "url": "https://www.suse.com/security/cve/CVE-2025-49011" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "low" } ], "title": "CVE-2025-49011" }, { "cve": "CVE-2025-49136", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-49136" } ], "notes": [ { "category": "general", "text": "listmonk is a standalone, self-hosted, newsletter and mailing list manager. Starting in version 4.0.0 and prior to version 5.0.2, the `env` and `expandenv` template functions which is enabled by default in Sprig enables capturing of env variables on host. 
While this may not be a problem on single-user (super admin) installations, on multi-user installations, this allows non-super-admin users with campaign or template permissions to use the `{{ env }}` template expression to capture sensitive environment variables. Users should upgrade to v5.0.2 to mitigate the issue.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-49136", "url": "https://www.suse.com/security/cve/CVE-2025-49136" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-49136" }, { "cve": "CVE-2025-49140", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-49140" } ], "notes": [ { "category": "general", "text": "Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. 
Users should upgrade to v0.1.39 or later, which validates that: `padLen \u003e 0 \u0026\u0026 padLen \u003c= payloadLength` and return error on overflow, avoiding panic. If upgrading is not possible, apply the patch from the pull request manually or drop packets whose P-bit is set but whose padLen is zero or larger than the remaining payload.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-49140", "url": "https://www.suse.com/security/cve/CVE-2025-49140" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-49140" } ] }
opensuse-su-2025:15224-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "go1.24-1.24.4-1.1 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the go1.24-1.24.4-1.1 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2025-15224", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15224-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2025-0913 page", "url": "https://www.suse.com/security/cve/CVE-2025-0913/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-22874 page", "url": "https://www.suse.com/security/cve/CVE-2025-22874/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-4673 page", "url": "https://www.suse.com/security/cve/CVE-2025-4673/" } ], "title": "go1.24-1.24.4-1.1 on GA media", "tracking": { "current_release_date": "2025-07-03T00:00:00Z", "generator": { "date": "2025-07-03T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": 
"openSUSE-SU-2025:15224-1", "initial_release_date": "2025-07-03T00:00:00Z", "revision_history": [ { "date": "2025-07-03T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "go1.24-1.24.4-1.1.aarch64", "product": { "name": "go1.24-1.24.4-1.1.aarch64", "product_id": "go1.24-1.24.4-1.1.aarch64" } }, { "category": "product_version", "name": "go1.24-doc-1.24.4-1.1.aarch64", "product": { "name": "go1.24-doc-1.24.4-1.1.aarch64", "product_id": "go1.24-doc-1.24.4-1.1.aarch64" } }, { "category": "product_version", "name": "go1.24-libstd-1.24.4-1.1.aarch64", "product": { "name": "go1.24-libstd-1.24.4-1.1.aarch64", "product_id": "go1.24-libstd-1.24.4-1.1.aarch64" } }, { "category": "product_version", "name": "go1.24-race-1.24.4-1.1.aarch64", "product": { "name": "go1.24-race-1.24.4-1.1.aarch64", "product_id": "go1.24-race-1.24.4-1.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "go1.24-1.24.4-1.1.ppc64le", "product": { "name": "go1.24-1.24.4-1.1.ppc64le", "product_id": "go1.24-1.24.4-1.1.ppc64le" } }, { "category": "product_version", "name": "go1.24-doc-1.24.4-1.1.ppc64le", "product": { "name": "go1.24-doc-1.24.4-1.1.ppc64le", "product_id": "go1.24-doc-1.24.4-1.1.ppc64le" } }, { "category": "product_version", "name": "go1.24-libstd-1.24.4-1.1.ppc64le", "product": { "name": "go1.24-libstd-1.24.4-1.1.ppc64le", "product_id": "go1.24-libstd-1.24.4-1.1.ppc64le" } }, { "category": "product_version", "name": "go1.24-race-1.24.4-1.1.ppc64le", "product": { "name": "go1.24-race-1.24.4-1.1.ppc64le", "product_id": "go1.24-race-1.24.4-1.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "go1.24-1.24.4-1.1.s390x", "product": { "name": "go1.24-1.24.4-1.1.s390x", "product_id": 
"go1.24-1.24.4-1.1.s390x" } }, { "category": "product_version", "name": "go1.24-doc-1.24.4-1.1.s390x", "product": { "name": "go1.24-doc-1.24.4-1.1.s390x", "product_id": "go1.24-doc-1.24.4-1.1.s390x" } }, { "category": "product_version", "name": "go1.24-libstd-1.24.4-1.1.s390x", "product": { "name": "go1.24-libstd-1.24.4-1.1.s390x", "product_id": "go1.24-libstd-1.24.4-1.1.s390x" } }, { "category": "product_version", "name": "go1.24-race-1.24.4-1.1.s390x", "product": { "name": "go1.24-race-1.24.4-1.1.s390x", "product_id": "go1.24-race-1.24.4-1.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "go1.24-1.24.4-1.1.x86_64", "product": { "name": "go1.24-1.24.4-1.1.x86_64", "product_id": "go1.24-1.24.4-1.1.x86_64" } }, { "category": "product_version", "name": "go1.24-doc-1.24.4-1.1.x86_64", "product": { "name": "go1.24-doc-1.24.4-1.1.x86_64", "product_id": "go1.24-doc-1.24.4-1.1.x86_64" } }, { "category": "product_version", "name": "go1.24-libstd-1.24.4-1.1.x86_64", "product": { "name": "go1.24-libstd-1.24.4-1.1.x86_64", "product_id": "go1.24-libstd-1.24.4-1.1.x86_64" } }, { "category": "product_version", "name": "go1.24-race-1.24.4-1.1.x86_64", "product": { "name": "go1.24-race-1.24.4-1.1.x86_64", "product_id": "go1.24-race-1.24.4-1.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "go1.24-1.24.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64" }, "product_reference": "go1.24-1.24.4-1.1.aarch64", 
"relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-1.24.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le" }, "product_reference": "go1.24-1.24.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-1.24.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x" }, "product_reference": "go1.24-1.24.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-1.24.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64" }, "product_reference": "go1.24-1.24.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-doc-1.24.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64" }, "product_reference": "go1.24-doc-1.24.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-doc-1.24.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le" }, "product_reference": "go1.24-doc-1.24.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-doc-1.24.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x" }, "product_reference": "go1.24-doc-1.24.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": 
"go1.24-doc-1.24.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64" }, "product_reference": "go1.24-doc-1.24.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-libstd-1.24.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64" }, "product_reference": "go1.24-libstd-1.24.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-libstd-1.24.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le" }, "product_reference": "go1.24-libstd-1.24.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-libstd-1.24.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x" }, "product_reference": "go1.24-libstd-1.24.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-libstd-1.24.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64" }, "product_reference": "go1.24-libstd-1.24.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-race-1.24.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64" }, "product_reference": "go1.24-race-1.24.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-race-1.24.4-1.1.ppc64le as component of openSUSE 
Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le" }, "product_reference": "go1.24-race-1.24.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-race-1.24.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x" }, "product_reference": "go1.24-race-1.24.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-race-1.24.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" }, "product_reference": "go1.24-race-1.24.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-0913", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-0913" } ], "notes": [ { "category": "general", "text": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. 
OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-0913", "url": "https://www.suse.com/security/cve/CVE-2025-0913" }, { "category": "external", "summary": "SUSE Bug 1244157 for CVE-2025-0913", "url": "https://bugzilla.suse.com/1244157" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE 
Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-0913" }, { "cve": "CVE-2025-22874", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-22874" } ], "notes": [ { "category": "general", "text": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. 
This only affected certificate chains which contain policy graphs, which are rather uncommon.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-22874", "url": "https://www.suse.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "SUSE Bug 1244158 for CVE-2025-22874", "url": "https://bugzilla.suse.com/1244158" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE 
Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-22874" }, { "cve": "CVE-2025-4673", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-4673" } ], "notes": [ { "category": "general", "text": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE 
Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-4673", "url": "https://www.suse.com/security/cve/CVE-2025-4673" }, { "category": "external", "summary": "SUSE Bug 1244156 for CVE-2025-4673", "url": "https://bugzilla.suse.com/1244156" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] } ], "scores": [ 
{ "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x", "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "moderate" } ], "title": "CVE-2025-4673" } ] }
opensuse-su-2025:15251-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "nova-3.11.4-1.1 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the nova-3.11.4-1.1 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2025-15251", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15251-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2025-22874 page", "url": "https://www.suse.com/security/cve/CVE-2025-22874/" } ], "title": "nova-3.11.4-1.1 on GA media", "tracking": { "current_release_date": "2025-07-03T00:00:00Z", "generator": { "date": "2025-07-03T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2025:15251-1", "initial_release_date": "2025-07-03T00:00:00Z", "revision_history": [ { "date": "2025-07-03T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ 
{ "branches": [ { "category": "product_version", "name": "nova-3.11.4-1.1.aarch64", "product": { "name": "nova-3.11.4-1.1.aarch64", "product_id": "nova-3.11.4-1.1.aarch64" } }, { "category": "product_version", "name": "nova-bash-completion-3.11.4-1.1.aarch64", "product": { "name": "nova-bash-completion-3.11.4-1.1.aarch64", "product_id": "nova-bash-completion-3.11.4-1.1.aarch64" } }, { "category": "product_version", "name": "nova-fish-completion-3.11.4-1.1.aarch64", "product": { "name": "nova-fish-completion-3.11.4-1.1.aarch64", "product_id": "nova-fish-completion-3.11.4-1.1.aarch64" } }, { "category": "product_version", "name": "nova-zsh-completion-3.11.4-1.1.aarch64", "product": { "name": "nova-zsh-completion-3.11.4-1.1.aarch64", "product_id": "nova-zsh-completion-3.11.4-1.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nova-3.11.4-1.1.ppc64le", "product": { "name": "nova-3.11.4-1.1.ppc64le", "product_id": "nova-3.11.4-1.1.ppc64le" } }, { "category": "product_version", "name": "nova-bash-completion-3.11.4-1.1.ppc64le", "product": { "name": "nova-bash-completion-3.11.4-1.1.ppc64le", "product_id": "nova-bash-completion-3.11.4-1.1.ppc64le" } }, { "category": "product_version", "name": "nova-fish-completion-3.11.4-1.1.ppc64le", "product": { "name": "nova-fish-completion-3.11.4-1.1.ppc64le", "product_id": "nova-fish-completion-3.11.4-1.1.ppc64le" } }, { "category": "product_version", "name": "nova-zsh-completion-3.11.4-1.1.ppc64le", "product": { "name": "nova-zsh-completion-3.11.4-1.1.ppc64le", "product_id": "nova-zsh-completion-3.11.4-1.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nova-3.11.4-1.1.s390x", "product": { "name": "nova-3.11.4-1.1.s390x", "product_id": "nova-3.11.4-1.1.s390x" } }, { "category": "product_version", "name": "nova-bash-completion-3.11.4-1.1.s390x", "product": { "name": 
"nova-bash-completion-3.11.4-1.1.s390x", "product_id": "nova-bash-completion-3.11.4-1.1.s390x" } }, { "category": "product_version", "name": "nova-fish-completion-3.11.4-1.1.s390x", "product": { "name": "nova-fish-completion-3.11.4-1.1.s390x", "product_id": "nova-fish-completion-3.11.4-1.1.s390x" } }, { "category": "product_version", "name": "nova-zsh-completion-3.11.4-1.1.s390x", "product": { "name": "nova-zsh-completion-3.11.4-1.1.s390x", "product_id": "nova-zsh-completion-3.11.4-1.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nova-3.11.4-1.1.x86_64", "product": { "name": "nova-3.11.4-1.1.x86_64", "product_id": "nova-3.11.4-1.1.x86_64" } }, { "category": "product_version", "name": "nova-bash-completion-3.11.4-1.1.x86_64", "product": { "name": "nova-bash-completion-3.11.4-1.1.x86_64", "product_id": "nova-bash-completion-3.11.4-1.1.x86_64" } }, { "category": "product_version", "name": "nova-fish-completion-3.11.4-1.1.x86_64", "product": { "name": "nova-fish-completion-3.11.4-1.1.x86_64", "product_id": "nova-fish-completion-3.11.4-1.1.x86_64" } }, { "category": "product_version", "name": "nova-zsh-completion-3.11.4-1.1.x86_64", "product": { "name": "nova-zsh-completion-3.11.4-1.1.x86_64", "product_id": "nova-zsh-completion-3.11.4-1.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nova-3.11.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-3.11.4-1.1.aarch64" }, "product_reference": "nova-3.11.4-1.1.aarch64", 
"relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-3.11.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-3.11.4-1.1.ppc64le" }, "product_reference": "nova-3.11.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-3.11.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-3.11.4-1.1.s390x" }, "product_reference": "nova-3.11.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-3.11.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-3.11.4-1.1.x86_64" }, "product_reference": "nova-3.11.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-bash-completion-3.11.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.aarch64" }, "product_reference": "nova-bash-completion-3.11.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-bash-completion-3.11.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.ppc64le" }, "product_reference": "nova-bash-completion-3.11.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-bash-completion-3.11.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.s390x" }, "product_reference": "nova-bash-completion-3.11.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": 
"default_component_of", "full_product_name": { "name": "nova-bash-completion-3.11.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.x86_64" }, "product_reference": "nova-bash-completion-3.11.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-fish-completion-3.11.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.aarch64" }, "product_reference": "nova-fish-completion-3.11.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-fish-completion-3.11.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.ppc64le" }, "product_reference": "nova-fish-completion-3.11.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-fish-completion-3.11.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.s390x" }, "product_reference": "nova-fish-completion-3.11.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-fish-completion-3.11.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.x86_64" }, "product_reference": "nova-fish-completion-3.11.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-zsh-completion-3.11.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.aarch64" }, "product_reference": 
"nova-zsh-completion-3.11.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-zsh-completion-3.11.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.ppc64le" }, "product_reference": "nova-zsh-completion-3.11.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-zsh-completion-3.11.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.s390x" }, "product_reference": "nova-zsh-completion-3.11.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "nova-zsh-completion-3.11.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.x86_64" }, "product_reference": "nova-zsh-completion-3.11.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-22874" } ], "notes": [ { "category": "general", "text": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. 
This only affected certificate chains which contain policy graphs, which are rather uncommon.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:nova-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-3.11.4-1.1.x86_64", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.x86_64", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.x86_64", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-22874", "url": "https://www.suse.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "SUSE Bug 1244158 for CVE-2025-22874", "url": "https://bugzilla.suse.com/1244158" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:nova-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-3.11.4-1.1.x86_64", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.x86_64", 
"openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.x86_64", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:nova-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-3.11.4-1.1.x86_64", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-bash-completion-3.11.4-1.1.x86_64", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-fish-completion-3.11.4-1.1.x86_64", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.aarch64", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.ppc64le", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.s390x", "openSUSE Tumbleweed:nova-zsh-completion-3.11.4-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-22874" } ] }
opensuse-su-2025:15379-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "minio-client-20250721T052808Z-1.1 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the minio-client-20250721T052808Z-1.1 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2025-15379", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15379-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2025-22874 page", "url": "https://www.suse.com/security/cve/CVE-2025-22874/" } ], "title": "minio-client-20250721T052808Z-1.1 on GA media", "tracking": { "current_release_date": "2025-07-24T00:00:00Z", "generator": { "date": "2025-07-24T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2025:15379-1", "initial_release_date": "2025-07-24T00:00:00Z", "revision_history": [ { "date": "2025-07-24T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" 
} }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "minio-client-20250721T052808Z-1.1.aarch64", "product": { "name": "minio-client-20250721T052808Z-1.1.aarch64", "product_id": "minio-client-20250721T052808Z-1.1.aarch64" } }, { "category": "product_version", "name": "minio-client-as-mc-20250721T052808Z-1.1.aarch64", "product": { "name": "minio-client-as-mc-20250721T052808Z-1.1.aarch64", "product_id": "minio-client-as-mc-20250721T052808Z-1.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "minio-client-20250721T052808Z-1.1.ppc64le", "product": { "name": "minio-client-20250721T052808Z-1.1.ppc64le", "product_id": "minio-client-20250721T052808Z-1.1.ppc64le" } }, { "category": "product_version", "name": "minio-client-as-mc-20250721T052808Z-1.1.ppc64le", "product": { "name": "minio-client-as-mc-20250721T052808Z-1.1.ppc64le", "product_id": "minio-client-as-mc-20250721T052808Z-1.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "minio-client-20250721T052808Z-1.1.s390x", "product": { "name": "minio-client-20250721T052808Z-1.1.s390x", "product_id": "minio-client-20250721T052808Z-1.1.s390x" } }, { "category": "product_version", "name": "minio-client-as-mc-20250721T052808Z-1.1.s390x", "product": { "name": "minio-client-as-mc-20250721T052808Z-1.1.s390x", "product_id": "minio-client-as-mc-20250721T052808Z-1.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "minio-client-20250721T052808Z-1.1.x86_64", "product": { "name": "minio-client-20250721T052808Z-1.1.x86_64", "product_id": "minio-client-20250721T052808Z-1.1.x86_64" } }, { "category": "product_version", "name": "minio-client-as-mc-20250721T052808Z-1.1.x86_64", "product": { "name": "minio-client-as-mc-20250721T052808Z-1.1.x86_64", "product_id": 
"minio-client-as-mc-20250721T052808Z-1.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "minio-client-20250721T052808Z-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.aarch64" }, "product_reference": "minio-client-20250721T052808Z-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "minio-client-20250721T052808Z-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.ppc64le" }, "product_reference": "minio-client-20250721T052808Z-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "minio-client-20250721T052808Z-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.s390x" }, "product_reference": "minio-client-20250721T052808Z-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "minio-client-20250721T052808Z-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.x86_64" }, "product_reference": "minio-client-20250721T052808Z-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "minio-client-as-mc-20250721T052808Z-1.1.aarch64 as 
component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.aarch64" }, "product_reference": "minio-client-as-mc-20250721T052808Z-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "minio-client-as-mc-20250721T052808Z-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.ppc64le" }, "product_reference": "minio-client-as-mc-20250721T052808Z-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "minio-client-as-mc-20250721T052808Z-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.s390x" }, "product_reference": "minio-client-as-mc-20250721T052808Z-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "minio-client-as-mc-20250721T052808Z-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.x86_64" }, "product_reference": "minio-client-as-mc-20250721T052808Z-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-22874" } ], "notes": [ { "category": "general", "text": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. 
This only affected certificate chains which contain policy graphs, which are rather uncommon.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.aarch64", "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.ppc64le", "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.s390x", "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.x86_64", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.aarch64", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.ppc64le", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.s390x", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-22874", "url": "https://www.suse.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "SUSE Bug 1244158 for CVE-2025-22874", "url": "https://bugzilla.suse.com/1244158" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.aarch64", "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.ppc64le", "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.s390x", "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.x86_64", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.aarch64", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.ppc64le", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.s390x", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.aarch64", "openSUSE 
Tumbleweed:minio-client-20250721T052808Z-1.1.ppc64le", "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.s390x", "openSUSE Tumbleweed:minio-client-20250721T052808Z-1.1.x86_64", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.aarch64", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.ppc64le", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.s390x", "openSUSE Tumbleweed:minio-client-as-mc-20250721T052808Z-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-24T00:00:00Z", "details": "important" } ], "title": "CVE-2025-22874" } ] }
opensuse-su-2025:15263-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "polaris-9.6.4-1.1 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the polaris-9.6.4-1.1 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2025-15263", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15263-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2025-22874 page", "url": "https://www.suse.com/security/cve/CVE-2025-22874/" } ], "title": "polaris-9.6.4-1.1 on GA media", "tracking": { "current_release_date": "2025-07-03T00:00:00Z", "generator": { "date": "2025-07-03T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2025:15263-1", "initial_release_date": "2025-07-03T00:00:00Z", "revision_history": [ { "date": "2025-07-03T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { 
"branches": [ { "branches": [ { "category": "product_version", "name": "polaris-9.6.4-1.1.aarch64", "product": { "name": "polaris-9.6.4-1.1.aarch64", "product_id": "polaris-9.6.4-1.1.aarch64" } }, { "category": "product_version", "name": "polaris-bash-completion-9.6.4-1.1.aarch64", "product": { "name": "polaris-bash-completion-9.6.4-1.1.aarch64", "product_id": "polaris-bash-completion-9.6.4-1.1.aarch64" } }, { "category": "product_version", "name": "polaris-fish-completion-9.6.4-1.1.aarch64", "product": { "name": "polaris-fish-completion-9.6.4-1.1.aarch64", "product_id": "polaris-fish-completion-9.6.4-1.1.aarch64" } }, { "category": "product_version", "name": "polaris-zsh-completion-9.6.4-1.1.aarch64", "product": { "name": "polaris-zsh-completion-9.6.4-1.1.aarch64", "product_id": "polaris-zsh-completion-9.6.4-1.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "polaris-9.6.4-1.1.ppc64le", "product": { "name": "polaris-9.6.4-1.1.ppc64le", "product_id": "polaris-9.6.4-1.1.ppc64le" } }, { "category": "product_version", "name": "polaris-bash-completion-9.6.4-1.1.ppc64le", "product": { "name": "polaris-bash-completion-9.6.4-1.1.ppc64le", "product_id": "polaris-bash-completion-9.6.4-1.1.ppc64le" } }, { "category": "product_version", "name": "polaris-fish-completion-9.6.4-1.1.ppc64le", "product": { "name": "polaris-fish-completion-9.6.4-1.1.ppc64le", "product_id": "polaris-fish-completion-9.6.4-1.1.ppc64le" } }, { "category": "product_version", "name": "polaris-zsh-completion-9.6.4-1.1.ppc64le", "product": { "name": "polaris-zsh-completion-9.6.4-1.1.ppc64le", "product_id": "polaris-zsh-completion-9.6.4-1.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "polaris-9.6.4-1.1.s390x", "product": { "name": "polaris-9.6.4-1.1.s390x", "product_id": "polaris-9.6.4-1.1.s390x" } }, { "category": "product_version", "name": 
"polaris-bash-completion-9.6.4-1.1.s390x", "product": { "name": "polaris-bash-completion-9.6.4-1.1.s390x", "product_id": "polaris-bash-completion-9.6.4-1.1.s390x" } }, { "category": "product_version", "name": "polaris-fish-completion-9.6.4-1.1.s390x", "product": { "name": "polaris-fish-completion-9.6.4-1.1.s390x", "product_id": "polaris-fish-completion-9.6.4-1.1.s390x" } }, { "category": "product_version", "name": "polaris-zsh-completion-9.6.4-1.1.s390x", "product": { "name": "polaris-zsh-completion-9.6.4-1.1.s390x", "product_id": "polaris-zsh-completion-9.6.4-1.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "polaris-9.6.4-1.1.x86_64", "product": { "name": "polaris-9.6.4-1.1.x86_64", "product_id": "polaris-9.6.4-1.1.x86_64" } }, { "category": "product_version", "name": "polaris-bash-completion-9.6.4-1.1.x86_64", "product": { "name": "polaris-bash-completion-9.6.4-1.1.x86_64", "product_id": "polaris-bash-completion-9.6.4-1.1.x86_64" } }, { "category": "product_version", "name": "polaris-fish-completion-9.6.4-1.1.x86_64", "product": { "name": "polaris-fish-completion-9.6.4-1.1.x86_64", "product_id": "polaris-fish-completion-9.6.4-1.1.x86_64" } }, { "category": "product_version", "name": "polaris-zsh-completion-9.6.4-1.1.x86_64", "product": { "name": "polaris-zsh-completion-9.6.4-1.1.x86_64", "product_id": "polaris-zsh-completion-9.6.4-1.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "polaris-9.6.4-1.1.aarch64 as component of openSUSE Tumbleweed", 
"product_id": "openSUSE Tumbleweed:polaris-9.6.4-1.1.aarch64" }, "product_reference": "polaris-9.6.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-9.6.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-9.6.4-1.1.ppc64le" }, "product_reference": "polaris-9.6.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-9.6.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-9.6.4-1.1.s390x" }, "product_reference": "polaris-9.6.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-9.6.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-9.6.4-1.1.x86_64" }, "product_reference": "polaris-9.6.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-bash-completion-9.6.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.aarch64" }, "product_reference": "polaris-bash-completion-9.6.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-bash-completion-9.6.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.ppc64le" }, "product_reference": "polaris-bash-completion-9.6.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-bash-completion-9.6.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE 
Tumbleweed:polaris-bash-completion-9.6.4-1.1.s390x" }, "product_reference": "polaris-bash-completion-9.6.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-bash-completion-9.6.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.x86_64" }, "product_reference": "polaris-bash-completion-9.6.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-fish-completion-9.6.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.aarch64" }, "product_reference": "polaris-fish-completion-9.6.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-fish-completion-9.6.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.ppc64le" }, "product_reference": "polaris-fish-completion-9.6.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-fish-completion-9.6.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.s390x" }, "product_reference": "polaris-fish-completion-9.6.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-fish-completion-9.6.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.x86_64" }, "product_reference": "polaris-fish-completion-9.6.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { 
"name": "polaris-zsh-completion-9.6.4-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.aarch64" }, "product_reference": "polaris-zsh-completion-9.6.4-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-zsh-completion-9.6.4-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.ppc64le" }, "product_reference": "polaris-zsh-completion-9.6.4-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-zsh-completion-9.6.4-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.s390x" }, "product_reference": "polaris-zsh-completion-9.6.4-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "polaris-zsh-completion-9.6.4-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.x86_64" }, "product_reference": "polaris-zsh-completion-9.6.4-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-22874" } ], "notes": [ { "category": "general", "text": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. 
This only affected certificate chains which contain policy graphs, which are rather uncommon.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:polaris-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-22874", "url": "https://www.suse.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "SUSE Bug 1244158 for CVE-2025-22874", "url": "https://bugzilla.suse.com/1244158" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:polaris-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.s390x", "openSUSE 
Tumbleweed:polaris-bash-completion-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:polaris-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-bash-completion-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-fish-completion-9.6.4-1.1.x86_64", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.aarch64", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.ppc64le", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.s390x", "openSUSE Tumbleweed:polaris-zsh-completion-9.6.4-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-07-03T00:00:00Z", "details": "important" } ], "title": "CVE-2025-22874" } ] }
msrc_cve-2025-22874
Vulnerability from csaf_microsoft
Notes
{ "document": { "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Public", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.", "title": "Disclaimer" } ], "publisher": { "category": "vendor", "contact_details": "secure@microsoft.com", "name": "Microsoft Security Response Center", "namespace": "https://msrc.microsoft.com" }, "references": [ { "category": "self", "summary": "CVE-2025-22874 Usage of ExtKeyUsageAny disables policy validation in crypto/x509 - VEX", "url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-22874.json" }, { "category": "external", "summary": "Microsoft Support Lifecycle", "url": "https://support.microsoft.com/lifecycle" }, { "category": "external", "summary": "Common Vulnerability Scoring System", "url": "https://www.first.org/cvss" } ], "title": "Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "tracking": { "current_release_date": "2025-07-11T00:00:00.000Z", "generator": { "date": "2025-10-20T03:23:37.615Z", 
"engine": { "name": "MSRC Generator", "version": "1.0" } }, "id": "msrc_CVE-2025-22874", "initial_release_date": "2025-06-02T00:00:00.000Z", "revision_history": [ { "date": "2025-07-11T00:00:00.000Z", "legacy_version": "1", "number": "1", "summary": "Information published." } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "2.0", "product": { "name": "CBL Mariner 2.0", "product_id": "17086" } }, { "category": "product_version", "name": "3.0", "product": { "name": "Azure Linux 3.0", "product_id": "17084" } } ], "category": "product_name", "name": "Azure Linux" }, { "branches": [ { "category": "product_version_range", "name": "\u003ccm2 msft-golang 1.24.1-3", "product": { "name": "\u003ccm2 msft-golang 1.24.1-3", "product_id": "7" } }, { "category": "product_version", "name": "cm2 msft-golang 1.24.1-3", "product": { "name": "cm2 msft-golang 1.24.1-3", "product_id": "19548" } }, { "category": "product_version_range", "name": "\u003ccbl2 msft-golang 1.24.1-3", "product": { "name": "\u003ccbl2 msft-golang 1.24.1-3", "product_id": "1" } }, { "category": "product_version", "name": "cbl2 msft-golang 1.24.1-3", "product": { "name": "cbl2 msft-golang 1.24.1-3", "product_id": "20196" } } ], "category": "product_name", "name": "msft-golang" }, { "branches": [ { "category": "product_version_range", "name": "\u003cazl3 golang 1.24.6-1", "product": { "name": "\u003cazl3 golang 1.24.6-1", "product_id": "2" } }, { "category": "product_version", "name": "azl3 golang 1.24.6-1", "product": { "name": "azl3 golang 1.24.6-1", "product_id": "20180" } } ], "category": "product_name", "name": "golang" }, { "category": "product_name", "name": "azl3 gcc 13.2.0-7", "product": { "name": "azl3 gcc 13.2.0-7", "product_id": "8" } }, { "category": "product_name", "name": "azl3 python-tensorboard 2.16.2-6", "product": { "name": "azl3 python-tensorboard 2.16.2-6", "product_id": "5" } }, { "category": 
"product_name", "name": "azl3 tensorflow 2.16.1-9", "product": { "name": "azl3 tensorflow 2.16.1-9", "product_id": "9" } }, { "category": "product_name", "name": "cbl2 gcc 11.2.0-8", "product": { "name": "cbl2 gcc 11.2.0-8", "product_id": "3" } }, { "category": "product_name", "name": "cbl2 python-tensorboard 2.11.0-3", "product": { "name": "cbl2 python-tensorboard 2.11.0-3", "product_id": "4" } }, { "category": "product_name", "name": "cbl2 tensorflow 2.11.1-2", "product": { "name": "cbl2 tensorflow 2.11.1-2", "product_id": "6" } } ], "category": "vendor", "name": "Microsoft" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "\u003ccm2 msft-golang 1.24.1-3 as a component of CBL Mariner 2.0", "product_id": "17086-7" }, "product_reference": "7", "relates_to_product_reference": "17086" }, { "category": "default_component_of", "full_product_name": { "name": "cm2 msft-golang 1.24.1-3 as a component of CBL Mariner 2.0", "product_id": "19548-17086" }, "product_reference": "19548", "relates_to_product_reference": "17086" }, { "category": "default_component_of", "full_product_name": { "name": "\u003cazl3 golang 1.24.6-1 as a component of Azure Linux 3.0", "product_id": "17084-2" }, "product_reference": "2", "relates_to_product_reference": "17084" }, { "category": "default_component_of", "full_product_name": { "name": "azl3 golang 1.24.6-1 as a component of Azure Linux 3.0", "product_id": "20180-17084" }, "product_reference": "20180", "relates_to_product_reference": "17084" }, { "category": "default_component_of", "full_product_name": { "name": "azl3 gcc 13.2.0-7 as a component of Azure Linux 3.0", "product_id": "17084-8" }, "product_reference": "8", "relates_to_product_reference": "17084" }, { "category": "default_component_of", "full_product_name": { "name": "azl3 python-tensorboard 2.16.2-6 as a component of Azure Linux 3.0", "product_id": "17084-5" }, "product_reference": "5", "relates_to_product_reference": "17084" }, { 
"category": "default_component_of", "full_product_name": { "name": "azl3 tensorflow 2.16.1-9 as a component of Azure Linux 3.0", "product_id": "17084-9" }, "product_reference": "9", "relates_to_product_reference": "17084" }, { "category": "default_component_of", "full_product_name": { "name": "cbl2 gcc 11.2.0-8 as a component of CBL Mariner 2.0", "product_id": "17086-3" }, "product_reference": "3", "relates_to_product_reference": "17086" }, { "category": "default_component_of", "full_product_name": { "name": "\u003ccbl2 msft-golang 1.24.1-3 as a component of CBL Mariner 2.0", "product_id": "17086-1" }, "product_reference": "1", "relates_to_product_reference": "17086" }, { "category": "default_component_of", "full_product_name": { "name": "cbl2 msft-golang 1.24.1-3 as a component of CBL Mariner 2.0", "product_id": "20196-17086" }, "product_reference": "20196", "relates_to_product_reference": "17086" }, { "category": "default_component_of", "full_product_name": { "name": "cbl2 python-tensorboard 2.11.0-3 as a component of CBL Mariner 2.0", "product_id": "17086-4" }, "product_reference": "4", "relates_to_product_reference": "17086" }, { "category": "default_component_of", "full_product_name": { "name": "cbl2 tensorflow 2.11.1-2 as a component of CBL Mariner 2.0", "product_id": "17086-6" }, "product_reference": "6", "relates_to_product_reference": "17086" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-22874", "flags": [ { "label": "component_not_present", "product_ids": [ "17084-8", "17084-5", "17084-9", "17086-3", "17086-4", "17086-6" ] } ], "notes": [ { "category": "general", "text": "Go", "title": "Assigning CNA" } ], "product_status": { "fixed": [ "19548-17086", "20180-17084", "20196-17086" ], "known_affected": [ "17086-7", "17084-2", "17086-1" ], "known_not_affected": [ "17084-8", "17084-5", "17084-9", "17086-3", "17086-4", "17086-6" ] }, "references": [ { "category": "self", "summary": "CVE-2025-22874 Usage of ExtKeyUsageAny disables policy validation in 
crypto/x509 - VEX", "url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-22874.json" } ], "remediations": [ { "category": "vendor_fix", "date": "2025-07-11T00:00:00.000Z", "details": "1.24.1-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade", "product_ids": [ "17086-7", "17086-1" ], "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade" }, { "category": "vendor_fix", "date": "2025-07-11T00:00:00.000Z", "details": "Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade", "product_ids": [ "17084-2" ], "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalsScore": 0.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "17086-7", "17084-2", "17086-1" ] } ], "title": "Usage of ExtKeyUsageAny disables policy validation in crypto/x509" } ] }
ghsa-6f52-wpx2-hvf2
Vulnerability from github
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.
{ "affected": [], "aliases": [ "CVE-2025-22874" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2025-06-11T17:15:42Z", "severity": "HIGH" }, "details": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.", "id": "GHSA-6f52-wpx2-hvf2", "modified": "2025-06-11T18:35:43Z", "published": "2025-06-11T18:35:43Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874" }, { "type": "WEB", "url": "https://go.dev/cl/670375" }, { "type": "WEB", "url": "https://go.dev/issue/73612" }, { "type": "WEB", "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" }, { "type": "WEB", "url": "https://pkg.go.dev/vuln/GO-2025-3749" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ] }
suse-su-2025:03158-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for go1.24-openssl", "title": "Title of the patch" }, { "category": "description", "text": "\nThis security update of go1.24-openssl fixes the following issues:\n\nUpdate to version 1.24.6 cut from the go1.24-fips-release\nbranch at the revision tagged go1.24.6-1-openssl-fips.\nRefs jsc#SLE-18320\n\n* Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil\n salt to be passed as a hash length buffer of zeros.\n\ngo1.24.6 (released 2025-08-06) includes security fixes to the\ndatabase/sql and os/exec packages, as well as bug fixes to the\nruntime. ( boo#1236217 go1.24 release tracking)\n\nCVE-2025-47906 CVE-2025-47907:\n\n* go#74804 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of \u0027\u0027, \u0027.\u0027 and \u0027..\u0027 in some PATH configurations\n* go#74833 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan\n\n* go#73800 runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not\n* go#74416 runtime: use-after-free of allpSnapshot in findRunnable\n* go#74694 runtime: segfaults in runtime.(*unwinder).next\n* go#74760 os/user:nolibgcc: TestGroupIdsTestUser failures\n\ngo1.24.5 (released 2025-07-08) includes security fixes to the go\ncommand, as well as bug fixes to the compiler, the linker, the , and\nthe go command. 
( boo#1236217 go1.24 release tracking)\nj\nCVE-2025-4674:\n\n* go#74381 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module\n\n* go#73908 runtime: bad frame pointer during panic during duffcopy\n* go#74098 cmd/compile: regression on ppc64le bit operations\n* go#74113 cmd/go: crash on unknown GOEXPERIMENT during toolchain selection\n* go#74290 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning\n* go#74294 internal/trace: stress tests triggering suspected deadlock in tracer\n* go#74346 runtime: memlock not unlocked in all control flow paths in sysReserveAlignedSbrk\n* go#74363 runtime/pprof: crash \u0027cannot read stack of running goroutine\u0027 in goroutine profile\n* go#74403 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN\n\ngo1.24.4 (released 2025-06-05) includes security fixes to the\ncrypto/x509, net/http, and os packages, as well as bug fixes to\nthe linker, the go command, and the hash/maphash and os packages.\n( boo#1236217 go1.24 release tracking)\n\nCVE-2025-22874 CVE-2025-0913 CVE-2025-4673\n* go#73700 go#73702 boo#1244158 security: fix CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation\n* go#73720 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows\n* go#73906 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect\n\n* go#73570 os: Root.Mkdir creates directories with zero permissions on OpenBSD\n* go#73669 hash/maphash: hashing channels with purego impl. 
of maphash.Comparable panics\n* go#73678 runtime/debug: BuildSetting does not document DefaultGODEBUG\n* go#73809 cmd/go: add fips140 module selection mechanism\n* go#73832 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3158,openSUSE-SLE-15.6-2025-3158", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03158-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2025:03158-1", "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503158-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2025:03158-1", "url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041648.html" }, { "category": "self", "summary": "SUSE Bug 1236217", "url": "https://bugzilla.suse.com/1236217" }, { "category": "self", "summary": "SUSE Bug 1244156", "url": "https://bugzilla.suse.com/1244156" }, { "category": "self", "summary": "SUSE Bug 1244157", "url": "https://bugzilla.suse.com/1244157" }, { "category": "self", "summary": "SUSE Bug 1244158", "url": "https://bugzilla.suse.com/1244158" }, { "category": "self", "summary": "SUSE Bug 1246118", "url": "https://bugzilla.suse.com/1246118" }, { "category": "self", "summary": "SUSE Bug 1247719", 
"url": "https://bugzilla.suse.com/1247719" }, { "category": "self", "summary": "SUSE Bug 1247720", "url": "https://bugzilla.suse.com/1247720" }, { "category": "self", "summary": "SUSE CVE CVE-2025-0913 page", "url": "https://www.suse.com/security/cve/CVE-2025-0913/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-22874 page", "url": "https://www.suse.com/security/cve/CVE-2025-22874/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-4673 page", "url": "https://www.suse.com/security/cve/CVE-2025-4673/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-4674 page", "url": "https://www.suse.com/security/cve/CVE-2025-4674/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-47906 page", "url": "https://www.suse.com/security/cve/CVE-2025-47906/" }, { "category": "self", "summary": "SUSE CVE CVE-2025-47907 page", "url": "https://www.suse.com/security/cve/CVE-2025-47907/" } ], "title": "Security update for go1.24-openssl", "tracking": { "current_release_date": "2025-09-11T03:04:46Z", "generator": { "date": "2025-09-11T03:04:46Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2025:03158-1", "initial_release_date": "2025-09-11T03:04:46Z", "revision_history": [ { "date": "2025-09-11T03:04:46Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "product": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "product_id": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64" } }, { "category": "product_version", "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "product": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64" } }, { "category": "product_version", "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "product": { "name": 
"go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "go1.24-openssl-1.24.6-150600.13.9.1.i586", "product": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.i586", "product_id": "go1.24-openssl-1.24.6-150600.13.9.1.i586" } }, { "category": "product_version", "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586", "product": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586", "product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "product": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "product_id": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le" } }, { "category": "product_version", "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "product": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le" } }, { "category": "product_version", "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "product": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x", "product": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x", "product_id": "go1.24-openssl-1.24.6-150600.13.9.1.s390x" } }, { "category": "product_version", "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "product": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x" } }, { "category": "product_version", "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "product": { "name": 
"go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "product": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "product_id": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64" } }, { "category": "product_version", "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "product": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64" } }, { "category": "product_version", "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "product": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6", "product": { "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Module for Development Tools 15 SP7", "product": { "name": "SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7" } } }, { "category": "product_name", "name": "openSUSE Leap 15.6", "product": { "name": "openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6", "product_identification_helper": { "cpe": "cpe:/o:opensuse:leap:15.6" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": 
"default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as 
component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 
15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for 
Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64" }, "product_reference": 
"go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", 
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7", "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": 
"go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x" }, "product_reference": 
"go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" }, "product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.6" } ] }, "vulnerabilities": [ { "cve": 
"CVE-2025-0913", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-0913" } ], "notes": [ { "category": "general", "text": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux 
Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 
15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-0913", "url": "https://www.suse.com/security/cve/CVE-2025-0913" }, { "category": "external", "summary": "SUSE Bug 1244157 for CVE-2025-0913", "url": "https://bugzilla.suse.com/1244157" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux 
Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], 
"scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux 
Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-09-11T03:04:46Z", "details": "moderate" } ], "title": "CVE-2025-0913" }, { "cve": "CVE-2025-22874", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-22874" } ], "notes": [ { "category": "general", "text": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. 
This only affected certificate chains which contain policy graphs, which are rather uncommon.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux 
Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-22874", "url": "https://www.suse.com/security/cve/CVE-2025-22874" }, { "category": "external", "summary": "SUSE Bug 1244158 for CVE-2025-22874", "url": "https://bugzilla.suse.com/1244158" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 
\"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for 
Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 
SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE 
Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-09-11T03:04:46Z", "details": "important" } ], "title": "CVE-2025-22874" }, { "cve": "CVE-2025-4673", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-4673" } ], "notes": [ { "category": "general", "text": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for 
Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 
SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-4673", "url": "https://www.suse.com/security/cve/CVE-2025-4673" }, { "category": "external", "summary": "SUSE Bug 1244156 for CVE-2025-4673", "url": "https://bugzilla.suse.com/1244156" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise 
Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 
SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 
SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", 
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-09-11T03:04:46Z", "details": "moderate" } ], "title": "CVE-2025-4673" }, { "cve": "CVE-2025-4674", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-4674" } ], "notes": [ { "category": "general", "text": "The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. 
via \"go get\", are not affected.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 
SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-4674", "url": "https://www.suse.com/security/cve/CVE-2025-4674" }, { "category": "external", "summary": "SUSE Bug 1246118 for CVE-2025-4674", "url": "https://bugzilla.suse.com/1246118" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE 
Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 
SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 
SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE 
Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-09-11T03:04:46Z", "details": "important" } ], "title": "CVE-2025-4674" }, { "cve": "CVE-2025-47906", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-47906" } ], "notes": [ { "category": "general", "text": "unknown", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 
SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", 
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-47906", "url": "https://www.suse.com/security/cve/CVE-2025-47906" }, { "category": "external", "summary": "SUSE Bug 1247719 for CVE-2025-47906", "url": "https://bugzilla.suse.com/1247719" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 
SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 
15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux 
Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 
15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2025-09-11T03:04:46Z", "details": "moderate" } ], "title": "CVE-2025-47906" }, { "cve": "CVE-2025-47907", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2025-47907" } ], "notes": [ { "category": "general", "text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux 
Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 
15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2025-47907", "url": "https://www.suse.com/security/cve/CVE-2025-47907" }, { "category": "external", "summary": "SUSE Bug 1247720 for CVE-2025-47907", "url": "https://bugzilla.suse.com/1247720" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module 
for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 
15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module 
for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x", "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64" ] } ], "threats": [ { 
"category": "impact", "date": "2025-09-11T03:04:46Z", "details": "moderate" } ], "title": "CVE-2025-47907" } ] }
Sightings
Author | Source | Type | Date |
---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.