Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-47287 (GCVE-0-2025-47287)
Vulnerability from cvelistv5
Published
2025-05-15 21:17
Modified
2025-05-29 06:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| tornadoweb | tornado |
Version: < 6.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47287",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T13:36:22.375175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T13:36:31.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-05-29T06:04:05.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tornado",
"vendor": "tornadoweb",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Tornado is a Python web framework and asynchronous networking library. When Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T21:17:55.188Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
},
{
"name": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
}
],
"source": {
"advisory": "GHSA-7cx3-6m66-7c5m",
"discovery": "UNKNOWN"
},
"title": "Tornado vulnerable to excessive logging caused by malformed multipart form data"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47287",
"datePublished": "2025-05-15T21:17:55.188Z",
"dateReserved": "2025-05-05T16:53:10.374Z",
"dateUpdated": "2025-05-29T06:04:05.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-47287\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-05-15T22:15:18.827\",\"lastModified\":\"2025-05-29T06:15:23.090\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Tornado is a Python web framework and asynchronous networking library. When Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.\"},{\"lang\":\"es\",\"value\":\"Tornado es un framework web de Python y una librer\u00eda de redes as\u00edncronas. Cuando el analizador ``multipart/form-data`` de Tornado detecta ciertos errores, registra una advertencia, pero contin\u00faa intentando analizar el resto de los datos. Esto permite a atacantes remotos generar un volumen extremadamente alto de registros, lo que constituye un ataque de denegaci\u00f3n de servicio (DoS). Este DoS se ve agravado por el hecho de que el subsistema de registro es s\u00edncrono. Todas las versiones de Tornado anteriores a la 6.5.0 est\u00e1n afectadas. El analizador vulnerable est\u00e1 habilitado por defecto. Actualice a la versi\u00f3n 6.50 de Tornado para recibir un parche. Como workaround, se puede mitigar el riesgo bloqueando `Content-Type: multipart/form-data` en un proxy.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"references\":[{\"url\":\"https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-05-29T06:04:05.899Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-47287\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-16T13:36:22.375175Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-16T13:36:25.413Z\"}}], \"cna\": {\"title\": \"Tornado vulnerable to excessive logging caused by malformed multipart form data\", \"source\": {\"advisory\": \"GHSA-7cx3-6m66-7c5m\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"tornadoweb\", \"product\": \"tornado\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 6.5.0\"}]}], \"references\": [{\"url\": \"https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m\", \"name\": \"https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3\", \"name\": \"https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Tornado is a Python web framework and asynchronous networking library. When Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770: Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-05-15T21:17:55.188Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-47287\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-29T06:04:05.899Z\", \"dateReserved\": \"2025-05-05T16:53:10.374Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-05-15T21:17:55.188Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
fkie_cve-2025-47287
Vulnerability from fkie_nvd
Published
2025-05-15 22:15
Modified
2025-05-29 06:15
Severity ?
Summary
Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3 | ||
| security-advisories@github.com | https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tornado is a Python web framework and asynchronous networking library. When Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy."
},
{
"lang": "es",
"value": "Tornado es un framework web de Python y una librer\u00eda de redes as\u00edncronas. Cuando el analizador ``multipart/form-data`` de Tornado detecta ciertos errores, registra una advertencia, pero contin\u00faa intentando analizar el resto de los datos. Esto permite a atacantes remotos generar un volumen extremadamente alto de registros, lo que constituye un ataque de denegaci\u00f3n de servicio (DoS). Este DoS se ve agravado por el hecho de que el subsistema de registro es s\u00edncrono. Todas las versiones de Tornado anteriores a la 6.5.0 est\u00e1n afectadas. El analizador vulnerable est\u00e1 habilitado por defecto. Actualice a la versi\u00f3n 6.50 de Tornado para recibir un parche. Como workaround, se puede mitigar el riesgo bloqueando `Content-Type: multipart/form-data` en un proxy."
}
],
"id": "CVE-2025-47287",
"lastModified": "2025-05-29T06:15:23.090",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-05-15T22:15:18.827",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
CERTFR-2025-AVI-0760
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | User Entity Behavior Analytics pour IBM QRadar SIEM versions antérieures à 5.0.1 | ||
| IBM | WebSphere | IBM Common Licensing pour Websphere Liberty Agent versions 9.0.x antérieures à 9.0.0.2 | ||
| IBM | Db2 | Db2 on Cloud Pak for Data versions antérieures à v5.2.1 | ||
| IBM | WebSphere | IBM Enterprise Application Runtimes pour WebSphere Application Server version 1.0 sans les correctif de sécurité APAR PH67137 et APAR PH67132 | ||
| IBM | WebSphere | Engineering Test Management versions 7.0.2 et 7.0.3 pour WebSphere Application Server 8.5 et 9.0 sans le dernier correctif de sécurité | ||
| IBM | WebSphere | Engineering Lifecycle Management 7.0.2 et 7.0.3 pour WebSphere Application Server Liberty versions 17.0.0.3 à 25.0.0.8 sans le dernier correctif de sécurité | ||
| IBM | WebSphere | IBM Common Licensing pour Websphere Liberty ART versions 9.0.x antérieures à 9.0.0.2 | ||
| IBM | WebSphere | Engineering Lifecycle Management 7.1 pour WebSphere Application Server Liberty versions 17.0.0.3 à 25.0.0.8 sans le dernier correctif de sécurité | ||
| IBM | WebSphere | Cloud Pak for Applications versions 5.1 à 5.3 pour WebSphere Application Server Liberty sans les correctifs de sécurité APAR PH67132 et APAR PH67137 | ||
| IBM | WebSphere | Engineering Test Management versions 7.1 pour WebSphere Application Server 8.5 et 9.0 sans le dernier correctif de sécurité | ||
| IBM | WebSphere | WebSphere Application Server and WebSphere Application Server Liberty, avec les fonctionnalités jsonp sans le dernier correctif de sécurité | ||
| IBM | WebSphere | WebSphere Hybrid Edition version 5.1 sans les correctifs de sécurité APAR PH67137, APAR PH67132, | ||
| IBM | Db2 | Db2 Warehouse on Cloud Pak for Data versions antérieures à v5.2.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "User Entity Behavior Analytics pour IBM QRadar SIEM versions ant\u00e9rieures \u00e0 5.0.1",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Common Licensing pour Websphere Liberty Agent versions 9.0.x ant\u00e9rieures \u00e0 9.0.0.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 on Cloud Pak for Data versions ant\u00e9rieures \u00e0 v5.2.1",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Enterprise Application Runtimes pour WebSphere Application Server version 1.0 sans les correctif de s\u00e9curit\u00e9 APAR PH67137 et APAR PH67132",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Engineering Test Management versions 7.0.2 et 7.0.3 pour WebSphere Application Server 8.5 et 9.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Engineering Lifecycle Management 7.0.2 et 7.0.3 pour WebSphere Application Server Liberty versions 17.0.0.3 \u00e0 25.0.0.8 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Common Licensing pour Websphere Liberty ART versions 9.0.x ant\u00e9rieures \u00e0 9.0.0.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Engineering Lifecycle Management 7.1 pour WebSphere Application Server Liberty versions 17.0.0.3 \u00e0 25.0.0.8 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Applications versions 5.1 \u00e0 5.3 pour WebSphere Application Server Liberty sans les correctifs de s\u00e9curit\u00e9 APAR PH67132 et APAR PH67137",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Engineering Test Management versions 7.1 pour WebSphere Application Server 8.5 et 9.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server and WebSphere Application Server Liberty, avec les fonctionnalit\u00e9s jsonp sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Hybrid Edition version 5.1 sans les correctifs de s\u00e9curit\u00e9 APAR PH67137, APAR PH67132,",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Warehouse on Cloud Pak for Data versions ant\u00e9rieures \u00e0 v5.2.1",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2025-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0755"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2024-51473",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51473"
},
{
"name": "CVE-2015-5237",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5237"
},
{
"name": "CVE-2025-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3445"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-46762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46762"
},
{
"name": "CVE-2025-32421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32421"
},
{
"name": "CVE-2016-4055",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4055"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-49766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49766"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2025-30472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30472"
},
{
"name": "CVE-2025-24528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
},
{
"name": "CVE-2024-45813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45813"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2023-5868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5868"
},
{
"name": "CVE-2025-48050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48050"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-33092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33092"
},
{
"name": "CVE-2024-51479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51479"
},
{
"name": "CVE-2025-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1647"
},
{
"name": "CVE-2023-39417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39417"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2024-0406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0406"
},
{
"name": "CVE-2024-11831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11831"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2025-33143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33143"
},
{
"name": "CVE-2021-3393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3393"
},
{
"name": "CVE-2025-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2533"
},
{
"name": "CVE-2019-10202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10202"
},
{
"name": "CVE-2023-5870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2025-36097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36097"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2025-36010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36010"
},
{
"name": "CVE-2025-36047",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36047"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2022-49846",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49846"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2023-5869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5869"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2025-48068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48068"
},
{
"name": "CVE-2024-48949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-33114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33114"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2022-41862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2023-22467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22467"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2019-9193",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9193"
},
{
"name": "CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2024-56332",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56332"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-37799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37799"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2023-26133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26133"
},
{
"name": "CVE-2024-6484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6484"
},
{
"name": "CVE-2024-6485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6485"
},
{
"name": "CVE-2023-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2454"
},
{
"name": "CVE-2024-9823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9823"
},
{
"name": "CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"name": "CVE-2024-56339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56339"
},
{
"name": "CVE-2024-49767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49767"
},
{
"name": "CVE-2022-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1552"
},
{
"name": "CVE-2024-49828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49828"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2025-29927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29927"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2023-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-36071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36071"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2024-0985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0985"
},
{
"name": "CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"name": "CVE-2024-6827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6827"
},
{
"name": "CVE-2023-52933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52933"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2022-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2625"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2024-6762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6762"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2024-52894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52894"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-6442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6442"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2018-1000873",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000873"
},
{
"name": "CVE-2023-32305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32305"
},
{
"name": "CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"initial_release_date": "2025-09-05T00:00:00",
"last_revision_date": "2025-09-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0760",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243927",
"url": "https://www.ibm.com/support/pages/node/7243927"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243923",
"url": "https://www.ibm.com/support/pages/node/7243923"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243924",
"url": "https://www.ibm.com/support/pages/node/7243924"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244012",
"url": "https://www.ibm.com/support/pages/node/7244012"
},
{
"published_at": "2025-09-01",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243659",
"url": "https://www.ibm.com/support/pages/node/7243659"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244002",
"url": "https://www.ibm.com/support/pages/node/7244002"
},
{
"published_at": "2025-08-29",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243582",
"url": "https://www.ibm.com/support/pages/node/7243582"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243928",
"url": "https://www.ibm.com/support/pages/node/7243928"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243925",
"url": "https://www.ibm.com/support/pages/node/7243925"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244010",
"url": "https://www.ibm.com/support/pages/node/7244010"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243922",
"url": "https://www.ibm.com/support/pages/node/7243922"
},
{
"published_at": "2025-09-01",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243673",
"url": "https://www.ibm.com/support/pages/node/7243673"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7243877",
"url": "https://www.ibm.com/support/pages/node/7243877"
}
]
}
opensuse-su-2025:15153-1
Vulnerability from csaf_opensuse
Published
2025-05-23 00:00
Modified
2025-05-23 00:00
Summary
python311-tornado6-6.5-1.1 on GA media
Notes
Title of the patch
python311-tornado6-6.5-1.1 on GA media
Description of the patch
These are all security issues fixed in the python311-tornado6-6.5-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15153
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python311-tornado6-6.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python311-tornado6-6.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15153",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15153-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:15153-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UONXT4J4OCDF5HUKE3ESBSBHQZIGVTZ2/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:15153-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UONXT4J4OCDF5HUKE3ESBSBHQZIGVTZ2/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47287 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47287/"
}
],
"title": "python311-tornado6-6.5-1.1 on GA media",
"tracking": {
"current_release_date": "2025-05-23T00:00:00Z",
"generator": {
"date": "2025-05-23T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15153-1",
"initial_release_date": "2025-05-23T00:00:00Z",
"revision_history": [
{
"date": "2025-05-23T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python311-tornado6-6.5-1.1.aarch64",
"product": {
"name": "python311-tornado6-6.5-1.1.aarch64",
"product_id": "python311-tornado6-6.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-tornado6-6.5-1.1.aarch64",
"product": {
"name": "python312-tornado6-6.5-1.1.aarch64",
"product_id": "python312-tornado6-6.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python313-tornado6-6.5-1.1.aarch64",
"product": {
"name": "python313-tornado6-6.5-1.1.aarch64",
"product_id": "python313-tornado6-6.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-tornado6-6.5-1.1.ppc64le",
"product": {
"name": "python311-tornado6-6.5-1.1.ppc64le",
"product_id": "python311-tornado6-6.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-tornado6-6.5-1.1.ppc64le",
"product": {
"name": "python312-tornado6-6.5-1.1.ppc64le",
"product_id": "python312-tornado6-6.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python313-tornado6-6.5-1.1.ppc64le",
"product": {
"name": "python313-tornado6-6.5-1.1.ppc64le",
"product_id": "python313-tornado6-6.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-tornado6-6.5-1.1.s390x",
"product": {
"name": "python311-tornado6-6.5-1.1.s390x",
"product_id": "python311-tornado6-6.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-tornado6-6.5-1.1.s390x",
"product": {
"name": "python312-tornado6-6.5-1.1.s390x",
"product_id": "python312-tornado6-6.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python313-tornado6-6.5-1.1.s390x",
"product": {
"name": "python313-tornado6-6.5-1.1.s390x",
"product_id": "python313-tornado6-6.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-tornado6-6.5-1.1.x86_64",
"product": {
"name": "python311-tornado6-6.5-1.1.x86_64",
"product_id": "python311-tornado6-6.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-tornado6-6.5-1.1.x86_64",
"product": {
"name": "python312-tornado6-6.5-1.1.x86_64",
"product_id": "python312-tornado6-6.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python313-tornado6-6.5-1.1.x86_64",
"product": {
"name": "python313-tornado6-6.5-1.1.x86_64",
"product_id": "python313-tornado6-6.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-tornado6-6.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-tornado6-6.5-1.1.aarch64"
},
"product_reference": "python311-tornado6-6.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-tornado6-6.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-tornado6-6.5-1.1.ppc64le"
},
"product_reference": "python311-tornado6-6.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-tornado6-6.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-tornado6-6.5-1.1.s390x"
},
"product_reference": "python311-tornado6-6.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-tornado6-6.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-tornado6-6.5-1.1.x86_64"
},
"product_reference": "python311-tornado6-6.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-tornado6-6.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-tornado6-6.5-1.1.aarch64"
},
"product_reference": "python312-tornado6-6.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-tornado6-6.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-tornado6-6.5-1.1.ppc64le"
},
"product_reference": "python312-tornado6-6.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-tornado6-6.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-tornado6-6.5-1.1.s390x"
},
"product_reference": "python312-tornado6-6.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-tornado6-6.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-tornado6-6.5-1.1.x86_64"
},
"product_reference": "python312-tornado6-6.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-tornado6-6.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-tornado6-6.5-1.1.aarch64"
},
"product_reference": "python313-tornado6-6.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-tornado6-6.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-tornado6-6.5-1.1.ppc64le"
},
"product_reference": "python313-tornado6-6.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-tornado6-6.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-tornado6-6.5-1.1.s390x"
},
"product_reference": "python313-tornado6-6.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-tornado6-6.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-tornado6-6.5-1.1.x86_64"
},
"product_reference": "python313-tornado6-6.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47287"
}
],
"notes": [
{
"category": "general",
"text": "Tornado is a Python web framework and asynchronous networking library. When Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.x86_64",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.x86_64",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47287",
"url": "https://www.suse.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "SUSE Bug 1243268 for CVE-2025-47287",
"url": "https://bugzilla.suse.com/1243268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.x86_64",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.x86_64",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python311-tornado6-6.5-1.1.x86_64",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python312-tornado6-6.5-1.1.x86_64",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.aarch64",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.ppc64le",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.s390x",
"openSUSE Tumbleweed:python313-tornado6-6.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-23T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47287"
}
]
}
opensuse-su-2025:15295-1
Vulnerability from csaf_opensuse
Published
2025-07-03 00:00
Modified
2025-07-03 00:00
Summary
python311-salt-3006.0-41.1 on GA media
Notes
Title of the patch
python311-salt-3006.0-41.1 on GA media
Description of the patch
These are all security issues fixed in the python311-salt-3006.0-41.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15295
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python311-salt-3006.0-41.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python311-salt-3006.0-41.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15295",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15295-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38823 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38824 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38825 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22236 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22237 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22238 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22239 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22241 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22242 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22242/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47287 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47287/"
}
],
"title": "python311-salt-3006.0-41.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15295-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python311-salt-3006.0-41.1.aarch64",
"product": {
"name": "python311-salt-3006.0-41.1.aarch64",
"product_id": "python311-salt-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-salt-3006.0-41.1.aarch64",
"product": {
"name": "python312-salt-3006.0-41.1.aarch64",
"product_id": "python312-salt-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "python313-salt-3006.0-41.1.aarch64",
"product": {
"name": "python313-salt-3006.0-41.1.aarch64",
"product_id": "python313-salt-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-3006.0-41.1.aarch64",
"product": {
"name": "salt-3006.0-41.1.aarch64",
"product_id": "salt-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-41.1.aarch64",
"product": {
"name": "salt-api-3006.0-41.1.aarch64",
"product_id": "salt-api-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-bash-completion-3006.0-41.1.aarch64",
"product": {
"name": "salt-bash-completion-3006.0-41.1.aarch64",
"product_id": "salt-bash-completion-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-41.1.aarch64",
"product": {
"name": "salt-cloud-3006.0-41.1.aarch64",
"product_id": "salt-cloud-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-41.1.aarch64",
"product": {
"name": "salt-doc-3006.0-41.1.aarch64",
"product_id": "salt-doc-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-fish-completion-3006.0-41.1.aarch64",
"product": {
"name": "salt-fish-completion-3006.0-41.1.aarch64",
"product_id": "salt-fish-completion-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-41.1.aarch64",
"product": {
"name": "salt-master-3006.0-41.1.aarch64",
"product_id": "salt-master-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-41.1.aarch64",
"product": {
"name": "salt-minion-3006.0-41.1.aarch64",
"product_id": "salt-minion-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-41.1.aarch64",
"product": {
"name": "salt-proxy-3006.0-41.1.aarch64",
"product_id": "salt-proxy-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-41.1.aarch64",
"product": {
"name": "salt-ssh-3006.0-41.1.aarch64",
"product_id": "salt-ssh-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"product_id": "salt-standalone-formulas-configuration-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-41.1.aarch64",
"product": {
"name": "salt-syndic-3006.0-41.1.aarch64",
"product_id": "salt-syndic-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-41.1.aarch64",
"product": {
"name": "salt-transactional-update-3006.0-41.1.aarch64",
"product_id": "salt-transactional-update-3006.0-41.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-zsh-completion-3006.0-41.1.aarch64",
"product": {
"name": "salt-zsh-completion-3006.0-41.1.aarch64",
"product_id": "salt-zsh-completion-3006.0-41.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-salt-3006.0-41.1.ppc64le",
"product": {
"name": "python311-salt-3006.0-41.1.ppc64le",
"product_id": "python311-salt-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-salt-3006.0-41.1.ppc64le",
"product": {
"name": "python312-salt-3006.0-41.1.ppc64le",
"product_id": "python312-salt-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python313-salt-3006.0-41.1.ppc64le",
"product": {
"name": "python313-salt-3006.0-41.1.ppc64le",
"product_id": "python313-salt-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-3006.0-41.1.ppc64le",
"product": {
"name": "salt-3006.0-41.1.ppc64le",
"product_id": "salt-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-41.1.ppc64le",
"product": {
"name": "salt-api-3006.0-41.1.ppc64le",
"product_id": "salt-api-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-bash-completion-3006.0-41.1.ppc64le",
"product": {
"name": "salt-bash-completion-3006.0-41.1.ppc64le",
"product_id": "salt-bash-completion-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-41.1.ppc64le",
"product": {
"name": "salt-cloud-3006.0-41.1.ppc64le",
"product_id": "salt-cloud-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-41.1.ppc64le",
"product": {
"name": "salt-doc-3006.0-41.1.ppc64le",
"product_id": "salt-doc-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-fish-completion-3006.0-41.1.ppc64le",
"product": {
"name": "salt-fish-completion-3006.0-41.1.ppc64le",
"product_id": "salt-fish-completion-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-41.1.ppc64le",
"product": {
"name": "salt-master-3006.0-41.1.ppc64le",
"product_id": "salt-master-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-41.1.ppc64le",
"product": {
"name": "salt-minion-3006.0-41.1.ppc64le",
"product_id": "salt-minion-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-41.1.ppc64le",
"product": {
"name": "salt-proxy-3006.0-41.1.ppc64le",
"product_id": "salt-proxy-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-41.1.ppc64le",
"product": {
"name": "salt-ssh-3006.0-41.1.ppc64le",
"product_id": "salt-ssh-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"product_id": "salt-standalone-formulas-configuration-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-41.1.ppc64le",
"product": {
"name": "salt-syndic-3006.0-41.1.ppc64le",
"product_id": "salt-syndic-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-41.1.ppc64le",
"product": {
"name": "salt-transactional-update-3006.0-41.1.ppc64le",
"product_id": "salt-transactional-update-3006.0-41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-zsh-completion-3006.0-41.1.ppc64le",
"product": {
"name": "salt-zsh-completion-3006.0-41.1.ppc64le",
"product_id": "salt-zsh-completion-3006.0-41.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-salt-3006.0-41.1.s390x",
"product": {
"name": "python311-salt-3006.0-41.1.s390x",
"product_id": "python311-salt-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-salt-3006.0-41.1.s390x",
"product": {
"name": "python312-salt-3006.0-41.1.s390x",
"product_id": "python312-salt-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "python313-salt-3006.0-41.1.s390x",
"product": {
"name": "python313-salt-3006.0-41.1.s390x",
"product_id": "python313-salt-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-3006.0-41.1.s390x",
"product": {
"name": "salt-3006.0-41.1.s390x",
"product_id": "salt-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-41.1.s390x",
"product": {
"name": "salt-api-3006.0-41.1.s390x",
"product_id": "salt-api-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-bash-completion-3006.0-41.1.s390x",
"product": {
"name": "salt-bash-completion-3006.0-41.1.s390x",
"product_id": "salt-bash-completion-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-41.1.s390x",
"product": {
"name": "salt-cloud-3006.0-41.1.s390x",
"product_id": "salt-cloud-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-41.1.s390x",
"product": {
"name": "salt-doc-3006.0-41.1.s390x",
"product_id": "salt-doc-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-fish-completion-3006.0-41.1.s390x",
"product": {
"name": "salt-fish-completion-3006.0-41.1.s390x",
"product_id": "salt-fish-completion-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-41.1.s390x",
"product": {
"name": "salt-master-3006.0-41.1.s390x",
"product_id": "salt-master-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-41.1.s390x",
"product": {
"name": "salt-minion-3006.0-41.1.s390x",
"product_id": "salt-minion-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-41.1.s390x",
"product": {
"name": "salt-proxy-3006.0-41.1.s390x",
"product_id": "salt-proxy-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-41.1.s390x",
"product": {
"name": "salt-ssh-3006.0-41.1.s390x",
"product_id": "salt-ssh-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"product_id": "salt-standalone-formulas-configuration-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-41.1.s390x",
"product": {
"name": "salt-syndic-3006.0-41.1.s390x",
"product_id": "salt-syndic-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-41.1.s390x",
"product": {
"name": "salt-transactional-update-3006.0-41.1.s390x",
"product_id": "salt-transactional-update-3006.0-41.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-zsh-completion-3006.0-41.1.s390x",
"product": {
"name": "salt-zsh-completion-3006.0-41.1.s390x",
"product_id": "salt-zsh-completion-3006.0-41.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-salt-3006.0-41.1.x86_64",
"product": {
"name": "python311-salt-3006.0-41.1.x86_64",
"product_id": "python311-salt-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-salt-3006.0-41.1.x86_64",
"product": {
"name": "python312-salt-3006.0-41.1.x86_64",
"product_id": "python312-salt-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "python313-salt-3006.0-41.1.x86_64",
"product": {
"name": "python313-salt-3006.0-41.1.x86_64",
"product_id": "python313-salt-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-3006.0-41.1.x86_64",
"product": {
"name": "salt-3006.0-41.1.x86_64",
"product_id": "salt-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-41.1.x86_64",
"product": {
"name": "salt-api-3006.0-41.1.x86_64",
"product_id": "salt-api-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-bash-completion-3006.0-41.1.x86_64",
"product": {
"name": "salt-bash-completion-3006.0-41.1.x86_64",
"product_id": "salt-bash-completion-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-41.1.x86_64",
"product": {
"name": "salt-cloud-3006.0-41.1.x86_64",
"product_id": "salt-cloud-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-41.1.x86_64",
"product": {
"name": "salt-doc-3006.0-41.1.x86_64",
"product_id": "salt-doc-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-fish-completion-3006.0-41.1.x86_64",
"product": {
"name": "salt-fish-completion-3006.0-41.1.x86_64",
"product_id": "salt-fish-completion-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-41.1.x86_64",
"product": {
"name": "salt-master-3006.0-41.1.x86_64",
"product_id": "salt-master-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-41.1.x86_64",
"product": {
"name": "salt-minion-3006.0-41.1.x86_64",
"product_id": "salt-minion-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-41.1.x86_64",
"product": {
"name": "salt-proxy-3006.0-41.1.x86_64",
"product_id": "salt-proxy-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-41.1.x86_64",
"product": {
"name": "salt-ssh-3006.0-41.1.x86_64",
"product_id": "salt-ssh-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"product_id": "salt-standalone-formulas-configuration-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-41.1.x86_64",
"product": {
"name": "salt-syndic-3006.0-41.1.x86_64",
"product_id": "salt-syndic-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-41.1.x86_64",
"product": {
"name": "salt-transactional-update-3006.0-41.1.x86_64",
"product_id": "salt-transactional-update-3006.0-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-zsh-completion-3006.0-41.1.x86_64",
"product": {
"name": "salt-zsh-completion-3006.0-41.1.x86_64",
"product_id": "salt-zsh-completion-3006.0-41.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-salt-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64"
},
"product_reference": "python311-salt-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-salt-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le"
},
"product_reference": "python311-salt-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-salt-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x"
},
"product_reference": "python311-salt-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-salt-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64"
},
"product_reference": "python311-salt-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-salt-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64"
},
"product_reference": "python312-salt-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-salt-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le"
},
"product_reference": "python312-salt-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-salt-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x"
},
"product_reference": "python312-salt-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-salt-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64"
},
"product_reference": "python312-salt-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-salt-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64"
},
"product_reference": "python313-salt-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-salt-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le"
},
"product_reference": "python313-salt-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-salt-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x"
},
"product_reference": "python313-salt-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-salt-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64"
},
"product_reference": "python313-salt-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-3006.0-41.1.aarch64"
},
"product_reference": "salt-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le"
},
"product_reference": "salt-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-3006.0-41.1.s390x"
},
"product_reference": "salt-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-3006.0-41.1.x86_64"
},
"product_reference": "salt-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64"
},
"product_reference": "salt-api-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le"
},
"product_reference": "salt-api-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x"
},
"product_reference": "salt-api-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64"
},
"product_reference": "salt-api-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-bash-completion-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64"
},
"product_reference": "salt-bash-completion-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-bash-completion-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le"
},
"product_reference": "salt-bash-completion-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-bash-completion-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x"
},
"product_reference": "salt-bash-completion-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-bash-completion-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64"
},
"product_reference": "salt-bash-completion-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64"
},
"product_reference": "salt-cloud-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le"
},
"product_reference": "salt-cloud-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x"
},
"product_reference": "salt-cloud-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64"
},
"product_reference": "salt-cloud-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64"
},
"product_reference": "salt-doc-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le"
},
"product_reference": "salt-doc-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x"
},
"product_reference": "salt-doc-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64"
},
"product_reference": "salt-doc-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-fish-completion-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64"
},
"product_reference": "salt-fish-completion-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-fish-completion-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le"
},
"product_reference": "salt-fish-completion-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-fish-completion-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x"
},
"product_reference": "salt-fish-completion-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-fish-completion-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64"
},
"product_reference": "salt-fish-completion-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64"
},
"product_reference": "salt-master-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le"
},
"product_reference": "salt-master-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x"
},
"product_reference": "salt-master-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64"
},
"product_reference": "salt-master-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64"
},
"product_reference": "salt-minion-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le"
},
"product_reference": "salt-minion-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x"
},
"product_reference": "salt-minion-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64"
},
"product_reference": "salt-minion-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64"
},
"product_reference": "salt-proxy-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le"
},
"product_reference": "salt-proxy-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x"
},
"product_reference": "salt-proxy-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64"
},
"product_reference": "salt-proxy-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64"
},
"product_reference": "salt-ssh-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le"
},
"product_reference": "salt-ssh-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x"
},
"product_reference": "salt-ssh-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64"
},
"product_reference": "salt-ssh-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64"
},
"product_reference": "salt-syndic-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le"
},
"product_reference": "salt-syndic-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x"
},
"product_reference": "salt-syndic-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64"
},
"product_reference": "salt-syndic-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64"
},
"product_reference": "salt-transactional-update-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le"
},
"product_reference": "salt-transactional-update-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x"
},
"product_reference": "salt-transactional-update-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64"
},
"product_reference": "salt-transactional-update-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-zsh-completion-3006.0-41.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64"
},
"product_reference": "salt-zsh-completion-3006.0-41.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-zsh-completion-3006.0-41.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le"
},
"product_reference": "salt-zsh-completion-3006.0-41.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-zsh-completion-3006.0-41.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x"
},
"product_reference": "salt-zsh-completion-3006.0-41.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-zsh-completion-3006.0-41.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
},
"product_reference": "salt-zsh-completion-3006.0-41.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38822"
}
],
"notes": [
{
"category": "general",
"text": "Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38822",
"url": "https://www.suse.com/security/cve/CVE-2024-38822"
},
{
"category": "external",
"summary": "SUSE Bug 1244561 for CVE-2024-38822",
"url": "https://bugzilla.suse.com/1244561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2024-38822"
},
{
"cve": "CVE-2024-38823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38823"
}
],
"notes": [
{
"category": "general",
"text": "Salt\u0027s request server is vulnerable to replay attacks when not using a TLS encrypted transport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38823",
"url": "https://www.suse.com/security/cve/CVE-2024-38823"
},
{
"category": "external",
"summary": "SUSE Bug 1244564 for CVE-2024-38823",
"url": "https://bugzilla.suse.com/1244564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-38823"
},
{
"cve": "CVE-2024-38824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38824"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38824",
"url": "https://www.suse.com/security/cve/CVE-2024-38824"
},
{
"category": "external",
"summary": "SUSE Bug 1244565 for CVE-2024-38824",
"url": "https://bugzilla.suse.com/1244565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2024-38824"
},
{
"cve": "CVE-2024-38825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38825"
}
],
"notes": [
{
"category": "general",
"text": "The salt.auth.pki module does not properly authenticate callers. The \"password\" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38825",
"url": "https://www.suse.com/security/cve/CVE-2024-38825"
},
{
"category": "external",
"summary": "SUSE Bug 1244566 for CVE-2024-38825",
"url": "https://bugzilla.suse.com/1244566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-38825"
},
{
"cve": "CVE-2025-22236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22236"
}
],
"notes": [
{
"category": "general",
"text": "Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (\u003e= 3007.0).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22236",
"url": "https://www.suse.com/security/cve/CVE-2025-22236"
},
{
"category": "external",
"summary": "SUSE Bug 1244568 for CVE-2025-22236",
"url": "https://bugzilla.suse.com/1244568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22236"
},
{
"cve": "CVE-2025-22237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22237"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a minion key can exploit the \u0027on demand\u0027 pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22237",
"url": "https://www.suse.com/security/cve/CVE-2025-22237"
},
{
"category": "external",
"summary": "SUSE Bug 1244571 for CVE-2025-22237",
"url": "https://bugzilla.suse.com/1244571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22237"
},
{
"cve": "CVE-2025-22238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22238"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal attack in minion file cache creation. The master\u0027s default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite \u0027cache\u0027 files outside of the cache directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22238",
"url": "https://www.suse.com/security/cve/CVE-2025-22238"
},
{
"category": "external",
"summary": "SUSE Bug 1244572 for CVE-2025-22238",
"url": "https://bugzilla.suse.com/1244572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22238"
},
{
"cve": "CVE-2025-22239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22239"
}
],
"notes": [
{
"category": "general",
"text": "Arbitrary event injection on Salt Master. The master\u0027s \"_minion_event\" method can be used by and authorized minion to send arbitrary events onto the master\u0027s event bus.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22239",
"url": "https://www.suse.com/security/cve/CVE-2025-22239"
},
{
"category": "external",
"summary": "SUSE Bug 1244574 for CVE-2025-22239",
"url": "https://bugzilla.suse.com/1244574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22239"
},
{
"cve": "CVE-2025-22240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22240"
}
],
"notes": [
{
"category": "general",
"text": "Arbitrary directory creation or file deletion. In the find_file method of the GitFS class, a path is created using os.path.join using unvalidated input from the \"tgt_env\" variable. This can be exploited by an attacker to delete any file on the Master\u0027s process has permissions to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22240",
"url": "https://www.suse.com/security/cve/CVE-2025-22240"
},
{
"category": "external",
"summary": "SUSE Bug 1244567 for CVE-2025-22240",
"url": "https://bugzilla.suse.com/1244567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22240"
},
{
"cve": "CVE-2025-22241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22241"
}
],
"notes": [
{
"category": "general",
"text": "File contents overwrite the VirtKey class is called when \"on-demand pillar\" data is requested and uses un-validated input to create paths to the \"pki directory\". The functionality is used to auto-accept Minion authentication keys based on a pre-placed \"authorization file\" at a specific location and is present in the default configuration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22241",
"url": "https://www.suse.com/security/cve/CVE-2025-22241"
},
{
"category": "external",
"summary": "SUSE Bug 1244570 for CVE-2025-22241",
"url": "https://bugzilla.suse.com/1244570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22241"
},
{
"cve": "CVE-2025-22242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22242"
}
],
"notes": [
{
"category": "general",
"text": "Worker process denial of service through file read operation. .A vulnerability exists in the Master\u0027s \"pub_ret\" method which is exposed to all minions. The un-sanitized input value \"jid\" is used to construct a path which is then opened for reading. An attacker could exploit this vulnerabilities by attempting to read from a filename that will not return any data, e.g. by targeting a pipe node on the proc file system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22242",
"url": "https://www.suse.com/security/cve/CVE-2025-22242"
},
{
"category": "external",
"summary": "SUSE Bug 1244575 for CVE-2025-22242",
"url": "https://bugzilla.suse.com/1244575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22242"
},
{
"cve": "CVE-2025-47287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47287"
}
],
"notes": [
{
"category": "general",
"text": "Tornado is a Python web framework and asynchronous networking library. When Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47287",
"url": "https://www.suse.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "SUSE Bug 1243268 for CVE-2025-47287",
"url": "https://bugzilla.suse.com/1243268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python311-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python312-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:python313-salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-api-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-bash-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-cloud-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-doc-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-fish-completion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-master-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-minion-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-proxy-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-ssh-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-standalone-formulas-configuration-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-syndic-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-transactional-update-3006.0-41.1.x86_64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.aarch64",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.ppc64le",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.s390x",
"openSUSE Tumbleweed:salt-zsh-completion-3006.0-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47287"
}
]
}
rhsa-2025:8226
Vulnerability from csaf_redhat
Published
2025-05-27 17:49
Modified
2025-10-08 16:07
Summary
Red Hat Security Advisory: python-tornado security update
Notes
Topic
An update for python-tornado is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-tornado is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8226",
"url": "https://access.redhat.com/errata/RHSA-2025:8226"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8226.json"
}
],
"title": "Red Hat Security Advisory: python-tornado security update",
"tracking": {
"current_release_date": "2025-10-08T16:07:21+00:00",
"generator": {
"date": "2025-10-08T16:07:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2025:8226",
"initial_release_date": "2025-05-27T17:49:35+00:00",
"revision_history": [
{
"date": "2025-05-27T17:49:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-27T17:49:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-08T16:07:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:6.4.2-1.el9_2.1.src",
"product": {
"name": "python-tornado-0:6.4.2-1.el9_2.1.src",
"product_id": "python-tornado-0:6.4.2-1.el9_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@6.4.2-1.el9_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el9_2.1.aarch64",
"product": {
"name": "python3-tornado-0:6.4.2-1.el9_2.1.aarch64",
"product_id": "python3-tornado-0:6.4.2-1.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el9_2.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el9_2.1.ppc64le",
"product": {
"name": "python3-tornado-0:6.4.2-1.el9_2.1.ppc64le",
"product_id": "python3-tornado-0:6.4.2-1.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el9_2.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el9_2.1.x86_64",
"product": {
"name": "python3-tornado-0:6.4.2-1.el9_2.1.x86_64",
"product_id": "python3-tornado-0:6.4.2-1.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el9_2.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el9_2.1.s390x",
"product": {
"name": "python3-tornado-0:6.4.2-1.el9_2.1.s390x",
"product_id": "python3-tornado-0:6.4.2-1.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el9_2.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:6.4.2-1.el9_2.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python-tornado-0:6.4.2-1.el9_2.1.src"
},
"product_reference": "python-tornado-0:6.4.2-1.el9_2.1.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.aarch64"
},
"product_reference": "python3-tornado-0:6.4.2-1.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.ppc64le"
},
"product_reference": "python3-tornado-0:6.4.2-1.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.s390x"
},
"product_reference": "python3-tornado-0:6.4.2-1.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.x86_64"
},
"product_reference": "python3-tornado-0:6.4.2-1.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:python-tornado-0:6.4.2-1.el9_2.1.src",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.x86_64",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T17:49:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:python-tornado-0:6.4.2-1.el9_2.1.src",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.x86_64",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8226"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:python-tornado-0:6.4.2-1.el9_2.1.src",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.x86_64",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:python-tornado-0:6.4.2-1.el9_2.1.src",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_2.1.x86_64",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_2.1.x86_64",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.aarch64",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.s390x",
"AppStream-9.2.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8323
Vulnerability from csaf_redhat
Published
2025-05-29 16:42
Modified
2025-10-25 00:56
Summary
Red Hat Security Advisory: pcs security update
Notes
Topic
An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8323",
"url": "https://access.redhat.com/errata/RHSA-2025:8323"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8323.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2025-10-25T00:56:41+00:00",
"generator": {
"date": "2025-10-25T00:56:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:8323",
"initial_release_date": "2025-05-29T16:42:11+00:00",
"revision_history": [
{
"date": "2025-05-29T16:42:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-29T16:42:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-25T00:56:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HighAvailability TUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux HighAvailability TUS (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.4::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HighAvailability E4S (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux HighAvailability E4S (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.4::highavailability"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.8-1.el8_4.7.src",
"product": {
"name": "pcs-0:0.10.8-1.el8_4.7.src",
"product_id": "pcs-0:0.10.8-1.el8_4.7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.8-1.el8_4.7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.8-1.el8_4.7.x86_64",
"product": {
"name": "pcs-0:0.10.8-1.el8_4.7.x86_64",
"product_id": "pcs-0:0.10.8-1.el8_4.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.8-1.el8_4.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"product_id": "pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.8-1.el8_4.7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.8-1.el8_4.7.ppc64le",
"product": {
"name": "pcs-0:0.10.8-1.el8_4.7.ppc64le",
"product_id": "pcs-0:0.10.8-1.el8_4.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.8-1.el8_4.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"product": {
"name": "pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"product_id": "pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.8-1.el8_4.7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.7.ppc64le as a component of Red Hat Enterprise Linux HighAvailability E4S (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.ppc64le"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.7.ppc64le",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.7.src as a component of Red Hat Enterprise Linux HighAvailability E4S (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.src"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.7.src",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.7.x86_64 as a component of Red Hat Enterprise Linux HighAvailability E4S (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.x86_64"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.7.x86_64",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le as a component of Red Hat Enterprise Linux HighAvailability E4S (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.8-1.el8_4.7.x86_64 as a component of Red Hat Enterprise Linux HighAvailability E4S (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.7.src as a component of Red Hat Enterprise Linux HighAvailability TUS (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.src"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.7.src",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.7.x86_64 as a component of Red Hat Enterprise Linux HighAvailability TUS (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.x86_64"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.7.x86_64",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.8-1.el8_4.7.x86_64 as a component of Red Hat Enterprise Linux HighAvailability TUS (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.TUS:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-46727",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-08T00:00:45.681503+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2364966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an IMPORTANT severity because the vulnerabilty was found in the Rack::QueryParser component which arises because Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, when an attacker sends requests with an extremely large number of parameters, Rack::QueryParser consumes excessive memory and CPU during parsing, leading to memory exhaustion, this results in a denial of service, causing the Rack server to crash and leading to full service disruption.\n\nRed Hat Satellite 6.15 includes an affected version of rubygem-rack; however, since it does not utilize Rack::QueryParser, it is not actually vulnerable to the flaw, lowering product-specific impact. The issue has already been addressed in Red Hat Satellite versions 6.16 and 6.17, and updates for other supported versions may follow based on the product lifecycle policy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-46727"
},
{
"category": "external",
"summary": "RHBZ#2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712",
"url": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3",
"url": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74",
"url": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx",
"url": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx"
}
],
"release_date": "2025-05-07T23:07:40.563000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-29T16:42:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser"
},
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-29T16:42:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8323"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.E4S:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.ppc64le",
"HighAvailability-8.4.0.Z.E4S:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.src",
"HighAvailability-8.4.0.Z.TUS:pcs-0:0.10.8-1.el8_4.7.x86_64",
"HighAvailability-8.4.0.Z.TUS:pcs-snmp-0:0.10.8-1.el8_4.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8136
Vulnerability from csaf_redhat
Published
2025-05-26 10:11
Modified
2025-10-08 16:07
Summary
Red Hat Security Advisory: python-tornado security update
Notes
Topic
An update for python-tornado is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-tornado is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8136",
"url": "https://access.redhat.com/errata/RHSA-2025:8136"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8136.json"
}
],
"title": "Red Hat Security Advisory: python-tornado security update",
"tracking": {
"current_release_date": "2025-10-08T16:07:21+00:00",
"generator": {
"date": "2025-10-08T16:07:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2025:8136",
"initial_release_date": "2025-05-26T10:11:57+00:00",
"revision_history": [
{
"date": "2025-05-26T10:11:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-26T10:11:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-08T16:07:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:6.4.2-2.el9_6.2.src",
"product": {
"name": "python-tornado-0:6.4.2-2.el9_6.2.src",
"product_id": "python-tornado-0:6.4.2-2.el9_6.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@6.4.2-2.el9_6.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-2.el9_6.2.aarch64",
"product": {
"name": "python3-tornado-0:6.4.2-2.el9_6.2.aarch64",
"product_id": "python3-tornado-0:6.4.2-2.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-2.el9_6.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64",
"product_id": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-2.el9_6.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64",
"product_id": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-2.el9_6.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-2.el9_6.2.ppc64le",
"product": {
"name": "python3-tornado-0:6.4.2-2.el9_6.2.ppc64le",
"product_id": "python3-tornado-0:6.4.2-2.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-2.el9_6.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le",
"product_id": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-2.el9_6.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le",
"product_id": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-2.el9_6.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-2.el9_6.2.x86_64",
"product": {
"name": "python3-tornado-0:6.4.2-2.el9_6.2.x86_64",
"product_id": "python3-tornado-0:6.4.2-2.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-2.el9_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64",
"product_id": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-2.el9_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64",
"product_id": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-2.el9_6.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-2.el9_6.2.s390x",
"product": {
"name": "python3-tornado-0:6.4.2-2.el9_6.2.s390x",
"product_id": "python3-tornado-0:6.4.2-2.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-2.el9_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x",
"product_id": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-2.el9_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x",
"product_id": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-2.el9_6.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:6.4.2-2.el9_6.2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python-tornado-0:6.4.2-2.el9_6.2.src"
},
"product_reference": "python-tornado-0:6.4.2-2.el9_6.2.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-2.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.aarch64"
},
"product_reference": "python3-tornado-0:6.4.2-2.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-2.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.ppc64le"
},
"product_reference": "python3-tornado-0:6.4.2-2.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-2.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.s390x"
},
"product_reference": "python3-tornado-0:6.4.2-2.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-2.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.x86_64"
},
"product_reference": "python3-tornado-0:6.4.2-2.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-0:6.4.2-2.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-26T10:11:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-0:6.4.2-2.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8136"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-0:6.4.2-2.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-0:6.4.2-2.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python-tornado-debugsource-0:6.4.2-2.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-0:6.4.2-2.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-tornado-debuginfo-0:6.4.2-2.el9_6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8279
Vulnerability from csaf_redhat
Published
2025-05-28 23:37
Modified
2025-10-25 00:56
Summary
Red Hat Security Advisory: pcs security update
Notes
Topic
An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8279",
"url": "https://access.redhat.com/errata/RHSA-2025:8279"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8279.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2025-10-25T00:56:39+00:00",
"generator": {
"date": "2025-10-25T00:56:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:8279",
"initial_release_date": "2025-05-28T23:37:50+00:00",
"revision_history": [
{
"date": "2025-05-28T23:37:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-28T23:37:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-25T00:56:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.8::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.8::resilientstorage"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.6.src",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.6.src",
"product_id": "pcs-0:0.10.15-4.el8_8.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.6.ppc64le",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.6.ppc64le",
"product_id": "pcs-0:0.10.15-4.el8_8.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"product": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"product_id": "pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.15-4.el8_8.6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.6.x86_64",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.6.x86_64",
"product_id": "pcs-0:0.10.15-4.el8_8.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"product_id": "pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.15-4.el8_8.6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.6.s390x",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.6.s390x",
"product_id": "pcs-0:0.10.15-4.el8_8.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"product": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"product_id": "pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.15-4.el8_8.6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.6.aarch64",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.6.aarch64",
"product_id": "pcs-0:0.10.15-4.el8_8.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"product": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"product_id": "pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.15-4.el8_8.6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.aarch64 as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.aarch64",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.ppc64le as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.ppc64le",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.s390x as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.s390x",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.src as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.src",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.x86_64 as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.x86_64",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.aarch64 as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.s390x as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.x86_64 as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.aarch64",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.s390x as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.s390x",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.src as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.src",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.6.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.6.x86_64",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.s390x as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.6.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-46727",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-08T00:00:45.681503+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2364966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an IMPORTANT severity because the vulnerabilty was found in the Rack::QueryParser component which arises because Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, when an attacker sends requests with an extremely large number of parameters, Rack::QueryParser consumes excessive memory and CPU during parsing, leading to memory exhaustion, this results in a denial of service, causing the Rack server to crash and leading to full service disruption.\n\nRed Hat Satellite 6.15 includes an affected version of rubygem-rack; however, since it does not utilize Rack::QueryParser, it is not actually vulnerable to the flaw, lowering product-specific impact. The issue has already been addressed in Red Hat Satellite versions 6.16 and 6.17, and updates for other supported versions may follow based on the product lifecycle policy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-46727"
},
{
"category": "external",
"summary": "RHBZ#2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712",
"url": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3",
"url": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74",
"url": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx",
"url": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx"
}
],
"release_date": "2025-05-07T23:07:40.563000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T23:37:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8279"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser"
},
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T23:37:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8279"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.6.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8135
Vulnerability from csaf_redhat
Published
2025-05-26 09:43
Modified
2025-10-08 16:07
Summary
Red Hat Security Advisory: python-tornado security update
Notes
Topic
An update for python-tornado is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-tornado is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8135",
"url": "https://access.redhat.com/errata/RHSA-2025:8135"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8135.json"
}
],
"title": "Red Hat Security Advisory: python-tornado security update",
"tracking": {
"current_release_date": "2025-10-08T16:07:20+00:00",
"generator": {
"date": "2025-10-08T16:07:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2025:8135",
"initial_release_date": "2025-05-26T09:43:42+00:00",
"revision_history": [
{
"date": "2025-05-26T09:43:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-26T09:43:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-08T16:07:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:6.4.2-1.el10_0.1.src",
"product": {
"name": "python-tornado-0:6.4.2-1.el10_0.1.src",
"product_id": "python-tornado-0:6.4.2-1.el10_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@6.4.2-1.el10_0.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el10_0.1.aarch64",
"product": {
"name": "python3-tornado-0:6.4.2-1.el10_0.1.aarch64",
"product_id": "python3-tornado-0:6.4.2-1.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el10_0.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el10_0.1.ppc64le",
"product": {
"name": "python3-tornado-0:6.4.2-1.el10_0.1.ppc64le",
"product_id": "python3-tornado-0:6.4.2-1.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el10_0.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el10_0.1.x86_64",
"product": {
"name": "python3-tornado-0:6.4.2-1.el10_0.1.x86_64",
"product_id": "python3-tornado-0:6.4.2-1.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el10_0.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el10_0.1.s390x",
"product": {
"name": "python3-tornado-0:6.4.2-1.el10_0.1.s390x",
"product_id": "python3-tornado-0:6.4.2-1.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el10_0.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:6.4.2-1.el10_0.1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python-tornado-0:6.4.2-1.el10_0.1.src"
},
"product_reference": "python-tornado-0:6.4.2-1.el10_0.1.src",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.aarch64"
},
"product_reference": "python3-tornado-0:6.4.2-1.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.ppc64le"
},
"product_reference": "python3-tornado-0:6.4.2-1.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.s390x"
},
"product_reference": "python3-tornado-0:6.4.2-1.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.x86_64"
},
"product_reference": "python3-tornado-0:6.4.2-1.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:python-tornado-0:6.4.2-1.el10_0.1.src",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.x86_64",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-26T09:43:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:python-tornado-0:6.4.2-1.el10_0.1.src",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.x86_64",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8135"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"AppStream-10.0.Z:python-tornado-0:6.4.2-1.el10_0.1.src",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.x86_64",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:python-tornado-0:6.4.2-1.el10_0.1.src",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python-tornado-debugsource-0:6.4.2-1.el10_0.1.x86_64",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python3-tornado-0:6.4.2-1.el10_0.1.x86_64",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.aarch64",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.ppc64le",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.s390x",
"AppStream-10.0.Z:python3-tornado-debuginfo-0:6.4.2-1.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8664
Vulnerability from csaf_redhat
Published
2025-06-09 10:16
Modified
2025-10-08 16:07
Summary
Red Hat Security Advisory: python-tornado security update
Notes
Topic
An update for python-tornado is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-tornado is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8664",
"url": "https://access.redhat.com/errata/RHSA-2025:8664"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8664.json"
}
],
"title": "Red Hat Security Advisory: python-tornado security update",
"tracking": {
"current_release_date": "2025-10-08T16:07:27+00:00",
"generator": {
"date": "2025-10-08T16:07:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2025:8664",
"initial_release_date": "2025-06-09T10:16:49+00:00",
"revision_history": [
{
"date": "2025-06-09T10:16:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-06-09T10:16:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-08T16:07:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:4.2.1-5.el7_9.1.src",
"product": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.src",
"product_id": "python-tornado-0:4.2.1-5.el7_9.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@4.2.1-5.el7_9.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:4.2.1-5.el7_9.1.x86_64",
"product": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.x86_64",
"product_id": "python-tornado-0:4.2.1-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@4.2.1-5.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64",
"product": {
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64",
"product_id": "python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-doc@4.2.1-5.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64",
"product": {
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64",
"product_id": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debuginfo@4.2.1-5.el7_9.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:4.2.1-5.el7_9.1.s390x",
"product": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.s390x",
"product_id": "python-tornado-0:4.2.1-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@4.2.1-5.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.s390x",
"product": {
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.s390x",
"product_id": "python-tornado-doc-0:4.2.1-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-doc@4.2.1-5.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x",
"product": {
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x",
"product_id": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debuginfo@4.2.1-5.el7_9.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:4.2.1-5.el7_9.1.ppc64",
"product": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.ppc64",
"product_id": "python-tornado-0:4.2.1-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@4.2.1-5.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64",
"product": {
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64",
"product_id": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-doc@4.2.1-5.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64",
"product": {
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64",
"product_id": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debuginfo@4.2.1-5.el7_9.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:4.2.1-5.el7_9.1.ppc64le",
"product": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.ppc64le",
"product_id": "python-tornado-0:4.2.1-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@4.2.1-5.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le",
"product": {
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le",
"product_id": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-doc@4.2.1-5.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le",
"product": {
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le",
"product_id": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debuginfo@4.2.1-5.el7_9.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64"
},
"product_reference": "python-tornado-0:4.2.1-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64le"
},
"product_reference": "python-tornado-0:4.2.1-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.s390x"
},
"product_reference": "python-tornado-0:4.2.1-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.src"
},
"product_reference": "python-tornado-0:4.2.1-5.el7_9.1.src",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:4.2.1-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.x86_64"
},
"product_reference": "python-tornado-0:4.2.1-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64"
},
"product_reference": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le"
},
"product_reference": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x"
},
"product_reference": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64"
},
"product_reference": "python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64"
},
"product_reference": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le"
},
"product_reference": "python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.s390x"
},
"product_reference": "python-tornado-doc-0:4.2.1-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64"
},
"product_reference": "python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.src",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.x86_64",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-09T10:16:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.src",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.x86_64",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8664"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.src",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.x86_64",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.src",
"7Server-optional-ELS:python-tornado-0:4.2.1-5.el7_9.1.x86_64",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-debuginfo-0:4.2.1-5.el7_9.1.x86_64",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.ppc64le",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.s390x",
"7Server-optional-ELS:python-tornado-doc-0:4.2.1-5.el7_9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8223
Vulnerability from csaf_redhat
Published
2025-05-27 16:53
Modified
2025-10-08 16:07
Summary
Red Hat Security Advisory: python-tornado security update
Notes
Topic
An update for python-tornado is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-tornado is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8223",
"url": "https://access.redhat.com/errata/RHSA-2025:8223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8223.json"
}
],
"title": "Red Hat Security Advisory: python-tornado security update",
"tracking": {
"current_release_date": "2025-10-08T16:07:21+00:00",
"generator": {
"date": "2025-10-08T16:07:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2025:8223",
"initial_release_date": "2025-05-27T16:53:50+00:00",
"revision_history": [
{
"date": "2025-05-27T16:53:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-27T16:53:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-08T16:07:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tornado-0:6.4.2-1.el9_4.1.src",
"product": {
"name": "python-tornado-0:6.4.2-1.el9_4.1.src",
"product_id": "python-tornado-0:6.4.2-1.el9_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado@6.4.2-1.el9_4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el9_4.1.aarch64",
"product": {
"name": "python3-tornado-0:6.4.2-1.el9_4.1.aarch64",
"product_id": "python3-tornado-0:6.4.2-1.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el9_4.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el9_4.1.ppc64le",
"product": {
"name": "python3-tornado-0:6.4.2-1.el9_4.1.ppc64le",
"product_id": "python3-tornado-0:6.4.2-1.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el9_4.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el9_4.1.x86_64",
"product": {
"name": "python3-tornado-0:6.4.2-1.el9_4.1.x86_64",
"product_id": "python3-tornado-0:6.4.2-1.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el9_4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-tornado-0:6.4.2-1.el9_4.1.s390x",
"product": {
"name": "python3-tornado-0:6.4.2-1.el9_4.1.s390x",
"product_id": "python3-tornado-0:6.4.2-1.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado@6.4.2-1.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x",
"product": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x",
"product_id": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tornado-debugsource@6.4.2-1.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x",
"product": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x",
"product_id": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tornado-debuginfo@6.4.2-1.el9_4.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-0:6.4.2-1.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python-tornado-0:6.4.2-1.el9_4.1.src"
},
"product_reference": "python-tornado-0:6.4.2-1.el9_4.1.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64"
},
"product_reference": "python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.aarch64"
},
"product_reference": "python3-tornado-0:6.4.2-1.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.ppc64le"
},
"product_reference": "python3-tornado-0:6.4.2-1.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.s390x"
},
"product_reference": "python3-tornado-0:6.4.2-1.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-0:6.4.2-1.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.x86_64"
},
"product_reference": "python3-tornado-0:6.4.2-1.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64"
},
"product_reference": "python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:python-tornado-0:6.4.2-1.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T16:53:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:python-tornado-0:6.4.2-1.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8223"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:python-tornado-0:6.4.2-1.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:python-tornado-0:6.4.2-1.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python-tornado-debugsource-0:6.4.2-1.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python3-tornado-0:6.4.2-1.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:python3-tornado-debuginfo-0:6.4.2-1.el9_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8254
Vulnerability from csaf_redhat
Published
2025-05-28 10:43
Modified
2025-10-25 00:56
Summary
Red Hat Security Advisory: pcs security update
Notes
Topic
An update for pcs is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8254",
"url": "https://access.redhat.com/errata/RHSA-2025:8254"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8254.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2025-10-25T00:56:39+00:00",
"generator": {
"date": "2025-10-25T00:56:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:8254",
"initial_release_date": "2025-05-28T10:43:02+00:00",
"revision_history": [
{
"date": "2025-05-28T10:43:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-28T10:43:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-25T00:56:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HighAvailability (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::resilientstorage"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.5.src",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.5.src",
"product_id": "pcs-0:0.10.18-2.el8_10.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.5.aarch64",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.5.aarch64",
"product_id": "pcs-0:0.10.18-2.el8_10.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"product": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"product_id": "pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.18-2.el8_10.5?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.5.ppc64le",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.5.ppc64le",
"product_id": "pcs-0:0.10.18-2.el8_10.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"product": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"product_id": "pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.18-2.el8_10.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.5.x86_64",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.5.x86_64",
"product_id": "pcs-0:0.10.18-2.el8_10.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"product_id": "pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.18-2.el8_10.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.5.s390x",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.5.s390x",
"product_id": "pcs-0:0.10.18-2.el8_10.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"product": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"product_id": "pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.18-2.el8_10.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.aarch64 as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.aarch64",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.ppc64le as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.ppc64le",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.s390x as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.s390x",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.src as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.src",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.x86_64 as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.x86_64",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.aarch64 as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.s390x as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.x86_64 as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.aarch64 as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.aarch64",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.ppc64le as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.s390x as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.s390x",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.src as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.src",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.5.x86_64 as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.5.x86_64",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.aarch64 as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.s390x as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.5.x86_64 as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-46727",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-08T00:00:45.681503+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2364966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an IMPORTANT severity because the vulnerabilty was found in the Rack::QueryParser component which arises because Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, when an attacker sends requests with an extremely large number of parameters, Rack::QueryParser consumes excessive memory and CPU during parsing, leading to memory exhaustion, this results in a denial of service, causing the Rack server to crash and leading to full service disruption.\n\nRed Hat Satellite 6.15 includes an affected version of rubygem-rack; however, since it does not utilize Rack::QueryParser, it is not actually vulnerable to the flaw, lowering product-specific impact. The issue has already been addressed in Red Hat Satellite versions 6.16 and 6.17, and updates for other supported versions may follow based on the product lifecycle policy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-46727"
},
{
"category": "external",
"summary": "RHBZ#2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712",
"url": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3",
"url": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74",
"url": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx",
"url": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx"
}
],
"release_date": "2025-05-07T23:07:40.563000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T10:43:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8254"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser"
},
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T10:43:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8254"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.5.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8290
Vulnerability from csaf_redhat
Published
2025-05-29 06:28
Modified
2025-10-25 00:56
Summary
Red Hat Security Advisory: pcs security update
Notes
Topic
An update for pcs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8290",
"url": "https://access.redhat.com/errata/RHSA-2025:8290"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8290.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2025-10-25T00:56:40+00:00",
"generator": {
"date": "2025-10-25T00:56:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:8290",
"initial_release_date": "2025-05-29T06:28:14+00:00",
"revision_history": [
{
"date": "2025-05-29T06:28:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-29T06:28:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-25T00:56:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.6::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.6::highavailability"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.12-6.el8_6.8.src",
"product": {
"name": "pcs-0:0.10.12-6.el8_6.8.src",
"product_id": "pcs-0:0.10.12-6.el8_6.8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.12-6.el8_6.8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.12-6.el8_6.8.ppc64le",
"product": {
"name": "pcs-0:0.10.12-6.el8_6.8.ppc64le",
"product_id": "pcs-0:0.10.12-6.el8_6.8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.12-6.el8_6.8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"product": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"product_id": "pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.12-6.el8_6.8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.12-6.el8_6.8.x86_64",
"product": {
"name": "pcs-0:0.10.12-6.el8_6.8.x86_64",
"product_id": "pcs-0:0.10.12-6.el8_6.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.12-6.el8_6.8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"product_id": "pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.12-6.el8_6.8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.8.ppc64le as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.ppc64le"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.8.ppc64le",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.8.src as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.src"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.8.src",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.8.x86_64 as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.x86_64"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.8.x86_64",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.8.x86_64 as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.8.src as a component of Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.src"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.8.src",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.8.x86_64 as a component of Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.x86_64"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.8.x86_64",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.8.x86_64 as a component of Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-46727",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-08T00:00:45.681503+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2364966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an IMPORTANT severity because the vulnerabilty was found in the Rack::QueryParser component which arises because Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, when an attacker sends requests with an extremely large number of parameters, Rack::QueryParser consumes excessive memory and CPU during parsing, leading to memory exhaustion, this results in a denial of service, causing the Rack server to crash and leading to full service disruption.\n\nRed Hat Satellite 6.15 includes an affected version of rubygem-rack; however, since it does not utilize Rack::QueryParser, it is not actually vulnerable to the flaw, lowering product-specific impact. The issue has already been addressed in Red Hat Satellite versions 6.16 and 6.17, and updates for other supported versions may follow based on the product lifecycle policy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-46727"
},
{
"category": "external",
"summary": "RHBZ#2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712",
"url": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3",
"url": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74",
"url": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx",
"url": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx"
}
],
"release_date": "2025-05-07T23:07:40.563000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-29T06:28:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8290"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser"
},
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-29T06:28:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8290"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.8.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
rhsa-2025:8291
Vulnerability from csaf_redhat
Published
2025-05-29 06:28
Modified
2025-10-25 00:56
Summary
Red Hat Security Advisory: pcs security update
Notes
Topic
An update for pcs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)
* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)\n\n* tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8291",
"url": "https://access.redhat.com/errata/RHSA-2025:8291"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8291.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2025-10-25T00:56:40+00:00",
"generator": {
"date": "2025-10-25T00:56:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:8291",
"initial_release_date": "2025-05-29T06:28:26+00:00",
"revision_history": [
{
"date": "2025-05-29T06:28:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-29T06:28:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-25T00:56:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::resilientstorage"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.1-10.el9_0.8.src",
"product": {
"name": "pcs-0:0.11.1-10.el9_0.8.src",
"product_id": "pcs-0:0.11.1-10.el9_0.8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.1-10.el9_0.8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.1-10.el9_0.8.ppc64le",
"product": {
"name": "pcs-0:0.11.1-10.el9_0.8.ppc64le",
"product_id": "pcs-0:0.11.1-10.el9_0.8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.1-10.el9_0.8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"product": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"product_id": "pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.11.1-10.el9_0.8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.1-10.el9_0.8.x86_64",
"product": {
"name": "pcs-0:0.11.1-10.el9_0.8.x86_64",
"product_id": "pcs-0:0.11.1-10.el9_0.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.1-10.el9_0.8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"product": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"product_id": "pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.11.1-10.el9_0.8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.1-10.el9_0.8.s390x",
"product": {
"name": "pcs-0:0.11.1-10.el9_0.8.s390x",
"product_id": "pcs-0:0.11.1-10.el9_0.8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.1-10.el9_0.8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"product": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"product_id": "pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.11.1-10.el9_0.8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.1-10.el9_0.8.aarch64",
"product": {
"name": "pcs-0:0.11.1-10.el9_0.8.aarch64",
"product_id": "pcs-0:0.11.1-10.el9_0.8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.1-10.el9_0.8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"product": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"product_id": "pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.11.1-10.el9_0.8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.aarch64 as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.aarch64",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.ppc64le as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.ppc64le",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.s390x as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.s390x",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.src as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.src",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.x86_64 as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.x86_64",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.aarch64 as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64"
},
"product_reference": "pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le"
},
"product_reference": "pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.s390x as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x"
},
"product_reference": "pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.x86_64 as a component of Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"product_id": "HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
},
"product_reference": "pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"relates_to_product_reference": "HighAvailability-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.aarch64 as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.aarch64",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.ppc64le as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.ppc64le",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.s390x as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.s390x",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.src as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.src",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.1-10.el9_0.8.x86_64 as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64"
},
"product_reference": "pcs-0:0.11.1-10.el9_0.8.x86_64",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.aarch64 as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64"
},
"product_reference": "pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le"
},
"product_reference": "pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.s390x as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x"
},
"product_reference": "pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.1-10.el9_0.8.x86_64 as a component of Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"product_id": "ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
},
"product_reference": "pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"relates_to_product_reference": "ResilientStorage-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-46727",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-08T00:00:45.681503+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2364966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an IMPORTANT severity because the vulnerabilty was found in the Rack::QueryParser component which arises because Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, when an attacker sends requests with an extremely large number of parameters, Rack::QueryParser consumes excessive memory and CPU during parsing, leading to memory exhaustion, this results in a denial of service, causing the Rack server to crash and leading to full service disruption.\n\nRed Hat Satellite 6.15 includes an affected version of rubygem-rack; however, since it does not utilize Rack::QueryParser, it is not actually vulnerable to the flaw, lowering product-specific impact. The issue has already been addressed in Red Hat Satellite versions 6.16 and 6.17, and updates for other supported versions may follow based on the product lifecycle policy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-46727"
},
{
"category": "external",
"summary": "RHBZ#2364966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46727"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712",
"url": "https://github.com/rack/rack/commit/2bb5263b464b65ba4b648996a579dbd180d2b712"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3",
"url": "https://github.com/rack/rack/commit/3f5a4249118d09d199fe480466c8c6717e43b6e3"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74",
"url": "https://github.com/rack/rack/commit/cd6b70a1f2a1016b73dc906f924869f4902c2d74"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx",
"url": "https://github.com/rack/rack/security/advisories/GHSA-gjh7-p2fx-99vx"
}
],
"release_date": "2025-05-07T23:07:40.563000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-29T06:28:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8291"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser"
},
{
"cve": "CVE-2025-47287",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-05-15T22:00:49.780609+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tornado: Tornado Multipart Form-Data Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important because it leverages the synchronous nature of the logging subsystem to induce a DoS condition. Specifically, malformed multipart/form-data payloads cause repeated, blocking log writes, which stall the event loop that underpins Tornado\u2019s asynchronous architecture. Furthermore, because the vulnerable multipart parser is enabled by default, applications that are otherwise well-secured and do not even use file uploads can still be targeted unless they explicitly block these requests at a proxy.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "RHBZ#2366703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"category": "external",
"summary": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
}
],
"release_date": "2025-05-15T21:17:55.188000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-29T06:28:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8291"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"HighAvailability-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"HighAvailability-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.src",
"ResilientStorage-9.0.0.Z.E4S:pcs-0:0.11.1-10.el9_0.8.x86_64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.aarch64",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.ppc64le",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.s390x",
"ResilientStorage-9.0.0.Z.E4S:pcs-snmp-0:0.11.1-10.el9_0.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tornado: Tornado Multipart Form-Data Denial of Service"
}
]
}
wid-sec-w-2025-1143
Vulnerability from csaf_certbund
Published
2025-05-25 22:00
Modified
2025-07-31 22:00
Summary
Red Hat Enterprise Linux (python-tornado): Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1143 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1143.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1143 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1143"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2025-05-25",
"url": "https://access.redhat.com/errata/RHSA-2025:8135"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2025-05-25",
"url": "https://access.redhat.com/errata/RHSA-2025:8136"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8136 vom 2025-05-26",
"url": "https://linux.oracle.com/errata/ELSA-2025-8136.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8223 vom 2025-05-27",
"url": "https://access.redhat.com/errata/RHSA-2025:8223"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8226 vom 2025-05-27",
"url": "https://access.redhat.com/errata/RHSA-2025:8226"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8254 vom 2025-05-28",
"url": "https://access.redhat.com/errata/RHSA-2025:8254"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8279 vom 2025-05-29",
"url": "https://access.redhat.com/errata/RHSA-2025:8279"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01732-1 vom 2025-05-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020920.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8323 vom 2025-05-29",
"url": "https://access.redhat.com/errata/RHSA-2025:8323"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01726-1 vom 2025-05-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020923.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8254 vom 2025-05-29",
"url": "https://linux.oracle.com/errata/ELSA-2025-8254.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8291 vom 2025-05-29",
"url": "https://access.redhat.com/errata/RHSA-2025:8291"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8290 vom 2025-05-29",
"url": "https://access.redhat.com/errata/RHSA-2025:8290"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4188 vom 2025-05-29",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7547-1 vom 2025-06-02",
"url": "https://ubuntu.com/security/notices/USN-7547-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01726-2 vom 2025-06-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021427.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8664 vom 2025-06-09",
"url": "https://access.redhat.com/errata/RHSA-2025:8664"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5938 vom 2025-06-06",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00102.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2888 vom 2025-06-12",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2888.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2889 vom 2025-06-12",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2889.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8135 vom 2025-06-27",
"url": "https://linux.oracle.com/errata/ELSA-2025-8135.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20430-1 vom 2025-06-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021677.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2888 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2888.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2889 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2889.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20445-1 vom 2025-06-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021721.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8664 vom 2025-07-02",
"url": "https://linux.oracle.com/errata/ELSA-2025-8664.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-202507:15310-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021938.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02502-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021933.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-202507:15308-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021940.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-202507:15309-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021939.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02500-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021935.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02499-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021936.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02496-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021937.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02492-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021941.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02501-1 vom 2025-07-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021934.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20504-1 vom 2025-07-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021962.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20505-1 vom 2025-07-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021961.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02576-1 vom 2025-07-31",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021997.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02577-1 vom 2025-07-31",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021996.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02578-1 vom 2025-07-31",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021995.html"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux (python-tornado): Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2025-07-31T22:00:00.000+00:00",
"generator": {
"date": "2025-08-01T07:15:38.985+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1143",
"initial_release_date": "2025-05-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-05-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-05-26T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-05-27T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat, SUSE, Oracle Linux und Debian aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-09T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE, Red Hat und Debian aufgenommen"
},
{
"date": "2025-06-12T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon und SUSE aufgenommen"
},
{
"date": "2025-07-02T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-23T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-27T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9",
"product": {
"name": "Red Hat Enterprise Linux \u003c9",
"product_id": "T044147"
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Red Hat Enterprise Linux 9",
"product_id": "T044147-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10",
"product": {
"name": "Red Hat Enterprise Linux \u003c10",
"product_id": "T044148"
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "Red Hat Enterprise Linux 10",
"product_id": "T044148-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47287",
"product_status": {
"known_affected": [
"T044148",
"T044147",
"2951",
"T002207",
"67646",
"T000126",
"398363",
"T004914"
]
},
"release_date": "2025-05-25T22:00:00.000+00:00",
"title": "CVE-2025-47287"
}
]
}
suse-su-2025:02534-1
Vulnerability from csaf_suse
Published
2025-07-28 12:45
Modified
2025-07-28 12:45
Summary
Security update for salt
Notes
Title of the patch
Security update for salt
Description of the patch
This update for salt fixes the following issues:
- Security issues fixed:
- CVE-2024-38822: Fixed Minion token validation (bsc#1244561)
- CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport (bsc#1244564)
- CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method (bsc#1244565)
- CVE-2024-38825: Fixed salt.auth.pki module authentication issue (bsc#1244566)
- CVE-2025-22240: Fixed arbitrary directory creation or file deletion with GitFS (bsc#1244567)
- CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568)
- CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class (bsc#1244570)
- CVE-2025-22237: Fixed exploitation of the 'on demand' pillar functionality (bsc#1244571)
- CVE-2025-22238: Fixed the master's default cache vulnerability to a directory traversal attack (bsc#1244572)
- CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master (bsc#1244574)
- CVE-2025-22242: Fixed a Denial of Service vulnerability through file read operation (bsc#1244575)
- CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging behavior (bsc#1243268)
- Other bugs fixed:
- Added subsystem filter to udev.exportdb (bsc#1236621)
- Fixed Ubuntu 24.04 test failures
- Fixed refresh of osrelease and related grains on Python 3.10+
- Fixed issue requiring proper Python flavor for dependencies
Patchnames
SUSE-2025-2534,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2534,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2534,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2534,SUSE-SUSE-MicroOS-5.1-2025-2534,SUSE-SUSE-MicroOS-5.2-2025-2534,SUSE-Storage-7.1-2025-2534
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for salt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for salt fixes the following issues:\n\n- Security issues fixed:\n \n - CVE-2024-38822: Fixed Minion token validation (bsc#1244561)\n - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport (bsc#1244564)\n - CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method (bsc#1244565)\n - CVE-2024-38825: Fixed salt.auth.pki module authentication issue (bsc#1244566)\n - CVE-2025-22240: Fixed arbitrary directory creation or file deletion with GitFS (bsc#1244567)\n - CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568)\n - CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class (bsc#1244570)\n - CVE-2025-22237: Fixed exploitation of the \u0027on demand\u0027 pillar functionality (bsc#1244571)\n - CVE-2025-22238: Fixed the master\u0027s default cache vulnerability to a directory traversal attack (bsc#1244572)\n - CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master (bsc#1244574) \n - CVE-2025-22242: Fixed a Denial of Service vulnerability through file read operation (bsc#1244575)\n - CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging behavior (bsc#1243268)\n\n- Other bugs fixed:\n\n - Added subsystem filter to udev.exportdb (bsc#1236621)\n - Fixed Ubuntu 24.04 test failures\n - Fixed refresh of osrelease and related grains on Python 3.10+\n - Fixed issue requiring proper Python flavor for dependencies\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2534,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2534,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2534,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2534,SUSE-SUSE-MicroOS-5.1-2025-2534,SUSE-SUSE-MicroOS-5.2-2025-2534,SUSE-Storage-7.1-2025-2534",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02534-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02534-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502534-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02534-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040944.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236621",
"url": "https://bugzilla.suse.com/1236621"
},
{
"category": "self",
"summary": "SUSE Bug 1243268",
"url": "https://bugzilla.suse.com/1243268"
},
{
"category": "self",
"summary": "SUSE Bug 1244561",
"url": "https://bugzilla.suse.com/1244561"
},
{
"category": "self",
"summary": "SUSE Bug 1244564",
"url": "https://bugzilla.suse.com/1244564"
},
{
"category": "self",
"summary": "SUSE Bug 1244565",
"url": "https://bugzilla.suse.com/1244565"
},
{
"category": "self",
"summary": "SUSE Bug 1244566",
"url": "https://bugzilla.suse.com/1244566"
},
{
"category": "self",
"summary": "SUSE Bug 1244567",
"url": "https://bugzilla.suse.com/1244567"
},
{
"category": "self",
"summary": "SUSE Bug 1244568",
"url": "https://bugzilla.suse.com/1244568"
},
{
"category": "self",
"summary": "SUSE Bug 1244570",
"url": "https://bugzilla.suse.com/1244570"
},
{
"category": "self",
"summary": "SUSE Bug 1244571",
"url": "https://bugzilla.suse.com/1244571"
},
{
"category": "self",
"summary": "SUSE Bug 1244572",
"url": "https://bugzilla.suse.com/1244572"
},
{
"category": "self",
"summary": "SUSE Bug 1244574",
"url": "https://bugzilla.suse.com/1244574"
},
{
"category": "self",
"summary": "SUSE Bug 1244575",
"url": "https://bugzilla.suse.com/1244575"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38823 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38824 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38825 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22236 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22237 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22238 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22239 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22241 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22242 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22242/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47287 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47287/"
}
],
"title": "Security update for salt",
"tracking": {
"current_release_date": "2025-07-28T12:45:29Z",
"generator": {
"date": "2025-07-28T12:45:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02534-1",
"initial_release_date": "2025-07-28T12:45:29Z",
"revision_history": [
{
"date": "2025-07-28T12:45:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python3-salt-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "python3-salt-3006.0-150300.53.94.1.aarch64",
"product_id": "python3-salt-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.aarch64",
"product_id": "python3-salt-testsuite-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-api-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-api-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-cloud-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-cloud-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-doc-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-doc-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-master-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-master-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-minion-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-minion-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-proxy-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-proxy-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-ssh-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-ssh-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-syndic-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-syndic-3006.0-150300.53.94.1.aarch64"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"product": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"product_id": "salt-transactional-update-3006.0-150300.53.94.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-salt-3006.0-150300.53.94.1.i586",
"product": {
"name": "python3-salt-3006.0-150300.53.94.1.i586",
"product_id": "python3-salt-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.i586",
"product": {
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.i586",
"product_id": "python3-salt-testsuite-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-3006.0-150300.53.94.1.i586",
"product_id": "salt-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-api-3006.0-150300.53.94.1.i586",
"product_id": "salt-api-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-cloud-3006.0-150300.53.94.1.i586",
"product_id": "salt-cloud-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-doc-3006.0-150300.53.94.1.i586",
"product_id": "salt-doc-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-master-3006.0-150300.53.94.1.i586",
"product_id": "salt-master-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-minion-3006.0-150300.53.94.1.i586",
"product_id": "salt-minion-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-proxy-3006.0-150300.53.94.1.i586",
"product_id": "salt-proxy-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-ssh-3006.0-150300.53.94.1.i586",
"product_id": "salt-ssh-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.i586",
"product_id": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-syndic-3006.0-150300.53.94.1.i586",
"product_id": "salt-syndic-3006.0-150300.53.94.1.i586"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-150300.53.94.1.i586",
"product": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.i586",
"product_id": "salt-transactional-update-3006.0-150300.53.94.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "salt-bash-completion-3006.0-150300.53.94.1.noarch",
"product": {
"name": "salt-bash-completion-3006.0-150300.53.94.1.noarch",
"product_id": "salt-bash-completion-3006.0-150300.53.94.1.noarch"
}
},
{
"category": "product_version",
"name": "salt-fish-completion-3006.0-150300.53.94.1.noarch",
"product": {
"name": "salt-fish-completion-3006.0-150300.53.94.1.noarch",
"product_id": "salt-fish-completion-3006.0-150300.53.94.1.noarch"
}
},
{
"category": "product_version",
"name": "salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"product": {
"name": "salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"product_id": "salt-zsh-completion-3006.0-150300.53.94.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-salt-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "python3-salt-3006.0-150300.53.94.1.ppc64le",
"product_id": "python3-salt-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.ppc64le",
"product_id": "python3-salt-testsuite-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-api-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-api-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-cloud-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-cloud-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-doc-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-doc-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-master-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-master-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-minion-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-minion-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-proxy-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-proxy-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-ssh-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-ssh-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-syndic-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-syndic-3006.0-150300.53.94.1.ppc64le"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"product": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"product_id": "salt-transactional-update-3006.0-150300.53.94.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-salt-3006.0-150300.53.94.1.s390x",
"product": {
"name": "python3-salt-3006.0-150300.53.94.1.s390x",
"product_id": "python3-salt-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.s390x",
"product": {
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.s390x",
"product_id": "python3-salt-testsuite-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-3006.0-150300.53.94.1.s390x",
"product_id": "salt-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-api-3006.0-150300.53.94.1.s390x",
"product_id": "salt-api-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-cloud-3006.0-150300.53.94.1.s390x",
"product_id": "salt-cloud-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-doc-3006.0-150300.53.94.1.s390x",
"product_id": "salt-doc-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-master-3006.0-150300.53.94.1.s390x",
"product_id": "salt-master-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-minion-3006.0-150300.53.94.1.s390x",
"product_id": "salt-minion-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-proxy-3006.0-150300.53.94.1.s390x",
"product_id": "salt-proxy-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-ssh-3006.0-150300.53.94.1.s390x",
"product_id": "salt-ssh-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"product_id": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-syndic-3006.0-150300.53.94.1.s390x",
"product_id": "salt-syndic-3006.0-150300.53.94.1.s390x"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-150300.53.94.1.s390x",
"product": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.s390x",
"product_id": "salt-transactional-update-3006.0-150300.53.94.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-salt-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "python3-salt-3006.0-150300.53.94.1.x86_64",
"product_id": "python3-salt-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "python3-salt-testsuite-3006.0-150300.53.94.1.x86_64",
"product_id": "python3-salt-testsuite-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-api-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-api-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-api-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-cloud-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-cloud-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-cloud-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-doc-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-doc-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-doc-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-master-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-master-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-master-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-minion-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-minion-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-minion-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-proxy-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-proxy-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-proxy-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-ssh-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-ssh-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-ssh-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-syndic-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-syndic-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-syndic-3006.0-150300.53.94.1.x86_64"
}
},
{
"category": "product_version",
"name": "salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"product": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"product_id": "salt-transactional-update-3006.0-150300.53.94.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-bash-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-bash-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-fish-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-fish-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-zsh-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-bash-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-bash-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-fish-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-fish-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-zsh-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-bash-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-bash-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-fish-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-fish-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-zsh-completion-3006.0-150300.53.94.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "python3-salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-api-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-api-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-bash-completion-3006.0-150300.53.94.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-bash-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-cloud-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-cloud-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-doc-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-doc-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-fish-completion-3006.0-150300.53.94.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-fish-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-master-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-master-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-minion-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-minion-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-proxy-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-proxy-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-ssh-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-ssh-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-syndic-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-syndic-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-transactional-update-3006.0-150300.53.94.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64"
},
"product_reference": "salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-zsh-completion-3006.0-150300.53.94.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
},
"product_reference": "salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38822"
}
],
"notes": [
{
"category": "general",
"text": "Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38822",
"url": "https://www.suse.com/security/cve/CVE-2024-38822"
},
{
"category": "external",
"summary": "SUSE Bug 1244561 for CVE-2024-38822",
"url": "https://bugzilla.suse.com/1244561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "low"
}
],
"title": "CVE-2024-38822"
},
{
"cve": "CVE-2024-38823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38823"
}
],
"notes": [
{
"category": "general",
"text": "Salt\u0027s request server is vulnerable to replay attacks when not using a TLS encrypted transport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38823",
"url": "https://www.suse.com/security/cve/CVE-2024-38823"
},
{
"category": "external",
"summary": "SUSE Bug 1244564 for CVE-2024-38823",
"url": "https://bugzilla.suse.com/1244564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2024-38823"
},
{
"cve": "CVE-2024-38824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38824"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38824",
"url": "https://www.suse.com/security/cve/CVE-2024-38824"
},
{
"category": "external",
"summary": "SUSE Bug 1244565 for CVE-2024-38824",
"url": "https://bugzilla.suse.com/1244565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "critical"
}
],
"title": "CVE-2024-38824"
},
{
"cve": "CVE-2024-38825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38825"
}
],
"notes": [
{
"category": "general",
"text": "The salt.auth.pki module does not properly authenticate callers. The \"password\" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38825",
"url": "https://www.suse.com/security/cve/CVE-2024-38825"
},
{
"category": "external",
"summary": "SUSE Bug 1244566 for CVE-2024-38825",
"url": "https://bugzilla.suse.com/1244566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2024-38825"
},
{
"cve": "CVE-2025-22236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22236"
}
],
"notes": [
{
"category": "general",
"text": "Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (\u003e= 3007.0).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22236",
"url": "https://www.suse.com/security/cve/CVE-2025-22236"
},
{
"category": "external",
"summary": "SUSE Bug 1244568 for CVE-2025-22236",
"url": "https://bugzilla.suse.com/1244568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "important"
}
],
"title": "CVE-2025-22236"
},
{
"cve": "CVE-2025-22237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22237"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a minion key can exploit the \u0027on demand\u0027 pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22237",
"url": "https://www.suse.com/security/cve/CVE-2025-22237"
},
{
"category": "external",
"summary": "SUSE Bug 1244571 for CVE-2025-22237",
"url": "https://bugzilla.suse.com/1244571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2025-22237"
},
{
"cve": "CVE-2025-22238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22238"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal attack in minion file cache creation. The master\u0027s default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite \u0027cache\u0027 files outside of the cache directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22238",
"url": "https://www.suse.com/security/cve/CVE-2025-22238"
},
{
"category": "external",
"summary": "SUSE Bug 1244572 for CVE-2025-22238",
"url": "https://bugzilla.suse.com/1244572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2025-22238"
},
{
"cve": "CVE-2025-22239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22239"
}
],
"notes": [
{
"category": "general",
"text": "Arbitrary event injection on Salt Master. The master\u0027s \"_minion_event\" method can be used by and authorized minion to send arbitrary events onto the master\u0027s event bus.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22239",
"url": "https://www.suse.com/security/cve/CVE-2025-22239"
},
{
"category": "external",
"summary": "SUSE Bug 1244574 for CVE-2025-22239",
"url": "https://bugzilla.suse.com/1244574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "important"
}
],
"title": "CVE-2025-22239"
},
{
"cve": "CVE-2025-22240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22240"
}
],
"notes": [
{
"category": "general",
"text": "Arbitrary directory creation or file deletion. In the find_file method of the GitFS class, a path is created using os.path.join using unvalidated input from the \"tgt_env\" variable. This can be exploited by an attacker to delete any file on the Master\u0027s process has permissions to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22240",
"url": "https://www.suse.com/security/cve/CVE-2025-22240"
},
{
"category": "external",
"summary": "SUSE Bug 1244567 for CVE-2025-22240",
"url": "https://bugzilla.suse.com/1244567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2025-22240"
},
{
"cve": "CVE-2025-22241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22241"
}
],
"notes": [
{
"category": "general",
"text": "File contents overwrite the VirtKey class is called when \"on-demand pillar\" data is requested and uses un-validated input to create paths to the \"pki directory\". The functionality is used to auto-accept Minion authentication keys based on a pre-placed \"authorization file\" at a specific location and is present in the default configuration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22241",
"url": "https://www.suse.com/security/cve/CVE-2025-22241"
},
{
"category": "external",
"summary": "SUSE Bug 1244570 for CVE-2025-22241",
"url": "https://bugzilla.suse.com/1244570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2025-22241"
},
{
"cve": "CVE-2025-22242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22242"
}
],
"notes": [
{
"category": "general",
"text": "Worker process denial of service through file read operation. .A vulnerability exists in the Master\u0027s \"pub_ret\" method which is exposed to all minions. The un-sanitized input value \"jid\" is used to construct a path which is then opened for reading. An attacker could exploit this vulnerabilities by attempting to read from a filename that will not return any data, e.g. by targeting a pipe node on the proc file system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22242",
"url": "https://www.suse.com/security/cve/CVE-2025-22242"
},
{
"category": "external",
"summary": "SUSE Bug 1244575 for CVE-2025-22242",
"url": "https://bugzilla.suse.com/1244575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "moderate"
}
],
"title": "CVE-2025-22242"
},
{
"cve": "CVE-2025-47287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47287"
}
],
"notes": [
{
"category": "general",
"text": "Tornado is a Python web framework and asynchronous networking library. When Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47287",
"url": "https://www.suse.com/security/cve/CVE-2025-47287"
},
{
"category": "external",
"summary": "SUSE Bug 1243268 for CVE-2025-47287",
"url": "https://bugzilla.suse.com/1243268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Enterprise Storage 7.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Enterprise Storage 7.1:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.1:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Micro 5.2:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-transactional-update-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:salt-zsh-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-api-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-bash-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-cloud-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-doc-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-fish-completion-3006.0-150300.53.94.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-master-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-minion-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-proxy-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-ssh-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-standalone-formulas-configuration-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-syndic-3006.0-150300.53.94.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:salt-zsh-completion-3006.0-150300.53.94.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T12:45:29Z",
"details": "important"
}
],
"title": "CVE-2025-47287"
}
]
}
ghsa-7cx3-6m66-7c5m
Vulnerability from github
Published
2025-05-16 14:12
Modified
2025-05-29 06:31
Severity ?
VLAI Severity ?
Summary
Tornado vulnerable to excessive logging caused by malformed multipart form data
Details
Summary
When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous.
Affected versions
All versions of Tornado prior to 6.5 are affected. The vulnerable parser is enabled by default.
Solution
Upgrade to Tornado version 6.5. In the meantime, risk can be mitigated by blocking Content-Type: multipart/form-data in a proxy.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tornado"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-47287"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2025-05-16T14:12:40Z",
"nvd_published_at": "2025-05-15T22:15:18Z",
"severity": "HIGH"
},
"details": "### Summary\n\nWhen Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous.\n\n### Affected versions\n\nAll versions of Tornado prior to 6.5 are affected. The vulnerable parser is enabled by default.\n\n### Solution\n\nUpgrade to Tornado version 6.5. In the meantime, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.",
"id": "GHSA-7cx3-6m66-7c5m",
"modified": "2025-05-29T06:31:17Z",
"published": "2025-05-16T14:12:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"type": "PACKAGE",
"url": "https://github.com/tornadoweb/tornado"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Tornado vulnerable to excessive logging caused by malformed multipart form data"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…