Vulnerability-Lookup

RHSA-2025:22938

Vulnerability from csaf_redhat - Published: 2025-12-09 14:59 - Updated: 2026-01-14 22:20

Summary

Red Hat Security Advisory: Kiali 2.11.5 for Red Hat OpenShift Service Mesh 3.1

Notes

Topic

Kiali 2.11.5 for Red Hat OpenShift Service Mesh 3.1 This update has a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Kiali 2.11.5, for Red Hat OpenShift Service Mesh 3.1, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently. Security Fix(es): * kiali-ossmc-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031) * kiali-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031) * kiali-ossmc-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756) * kiali-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Kiali 2.11.5 for Red Hat OpenShift Service Mesh 3.1\n\nThis update has a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Kiali 2.11.5, for Red Hat OpenShift Service Mesh 3.1, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* kiali-ossmc-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)\n\n* kiali-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)\n\n* kiali-ossmc-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)\n\n* kiali-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:22938",
        "url": "https://access.redhat.com/errata/RHSA-2025:22938"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-64756",
        "url": "https://access.redhat.com/security/cve/CVE-2025-64756"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
        "url": "https://access.redhat.com/security/cve/CVE-2025-66031"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-64756",
        "url": "https://access.redhat.com/security/cve/cve-2025-64756"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-66031",
        "url": "https://access.redhat.com/security/cve/cve-2025-66031"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-12816",
        "url": "https://access.redhat.com/security/cve/cve-2025-12816"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification",
        "url": "https://access.redhat.com/security/updates/classification"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22938.json"
      }
    ],
    "title": "Red Hat Security Advisory: Kiali 2.11.5 for Red Hat OpenShift Service Mesh 3.1",
    "tracking": {
      "current_release_date": "2026-01-14T22:20:21+00:00",
      "generator": {
        "date": "2026-01-14T22:20:21+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.15"
        }
      },
      "id": "RHSA-2025:22938",
      "initial_release_date": "2025-12-09T14:59:35+00:00",
      "revision_history": [
        {
          "date": "2025-12-09T14:59:35+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-12-12T21:35:51+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-01-14T22:20:21+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Service Mesh 3.1",
                "product": {
                  "name": "Red Hat OpenShift Service Mesh 3.1",
                  "product_id": "Red Hat OpenShift Service Mesh 3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:service_mesh:3.1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Service Mesh"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9@sha256%3A00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.5-1764836235"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.5-1764835957"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9@sha256%3A85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.5-1764836235"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.5-1764835957"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9@sha256%3A9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.5-1764836235"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.5-1764835957"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9@sha256%3Aef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.5-1764836235"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.5-1764835957"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
          "product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
          "product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
          "product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
          "product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
          "product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
          "product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
          "product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
          "product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-12816",
      "cwe": {
        "id": "CWE-179",
        "name": "Incorrect Behavior Order: Early Validation"
      },
      "discovery_date": "2025-11-25T20:01:05.875196+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2417097"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-12816"
        },
        {
          "category": "external",
          "summary": "RHBZ#2417097",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge",
          "url": "https://github.com/digitalbazaar/forge"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/pull/1124",
          "url": "https://github.com/digitalbazaar/forge/pull/1124"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
        },
        {
          "category": "external",
          "summary": "https://kb.cert.org/vuls/id/521113",
          "url": "https://kb.cert.org/vuls/id/521113"
        },
        {
          "category": "external",
          "summary": "https://www.npmjs.com/package/node-forge",
          "url": "https://www.npmjs.com/package/node-forge"
        }
      ],
      "release_date": "2025-11-25T19:15:50.243000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-12-09T14:59:35+00:00",
          "details": "See Kiali 2.11.5 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1/html/observability/kiali-operator-provided-by-red-hat",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22938"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
    },
    {
      "cve": "CVE-2025-64756",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2025-11-17T18:01:28.077927+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2415451"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "glob: glob: Command Injection Vulnerability via Malicious Filenames",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw in glob allows arbitrary command execution when the `glob` command-line interface is used with the `-c/--cmd` option to process files with malicious names. The vulnerability is triggered by shell metacharacters in filenames, leading to command injection. The glob CLI tool utilizes the -c option to execute shell commands over the files which matched the searched pattern by using the shell:true parameter when creating the subprocess which will further execute the command informed via \u0027-c\u0027 option, this parameter allows the shell meta characters to be used and processed when executing the command. Given that information glob misses to sanitize the file name to eliminate such characters and expressions from the filename, leading to code execution as when performing the shell expansion such characters will be interpreted as shell commands.\n\nTo exploit this vulnerability the targeted system should run the glob CLI over a file with a maliciously crafted filename, additionally the attacker needs to have enough permission to create such file or trick the user to download and process the required file with the glob CLI.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-64756"
        },
        {
          "category": "external",
          "summary": "RHBZ#2415451",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415451"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-64756",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
        },
        {
          "category": "external",
          "summary": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
          "url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
        },
        {
          "category": "external",
          "summary": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
          "url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
        }
      ],
      "release_date": "2025-11-17T17:29:08.029000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-12-09T14:59:35+00:00",
          "details": "See Kiali 2.11.5 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1/html/observability/kiali-operator-provided-by-red-hat",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22938"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "glob: glob: Command Injection Vulnerability via Malicious Filenames"
    },
    {
      "cve": "CVE-2025-66031",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2025-11-26T23:01:36.363253+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2417397"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: node-forge ASN.1 Unbounded Recursion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
          "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-66031"
        },
        {
          "category": "external",
          "summary": "RHBZ#2417397",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
          "url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
        }
      ],
      "release_date": "2025-11-26T22:23:26.013000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-12-09T14:59:35+00:00",
          "details": "See Kiali 2.11.5 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1/html/observability/kiali-operator-provided-by-red-hat",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22938"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:502dcba52460677c5d20f2649216e62c426acb83fbfb38bd630e942b9c0c2733_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:53f1ed0ec0b57f5d35c51dda8d3490649c91c2596658f91e9e206c6fb476ee1a_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:75b9064c9e83a08e0147ff97fd45ca8b3adb6f16bccedf66c146a74a8c769b25_s390x",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:928ed23934eae4e9c16ac23eaa828cc09f2d0ae539f330454ad6222e8cec3250_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:00743a84647ebaac732100a5e224ec024d3dfa22a9a942b4df81d1042eac2493_amd64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:85b7d05d935a5d86fc0695ef7ab7edefd27c2674bd35a4e5997b6ac7bbbaa2a8_arm64",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9d884a817a1a1e8924b6405e694ffae05f78664f4e00f355ec2ddd7c05446e53_ppc64le",
            "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ef0ddf23bae41b1c9aad0b05c90aecc2a21b45e125013a139e705c27285907c5_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "node-forge: node-forge ASN.1 Unbounded Recursion"
    }
  ]
}

CVE-2025-64756 (GCVE-0-2025-64756)

Vulnerability from cvelistv5 – Published: 2025-11-17 17:29 – Updated: 2025-11-19 02:30

Title

glob CLI: Command injection via -c/--cmd executes matches with shell:true

Summary

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c <command> <patterns> are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/isaacs/node-glob/security/advi…	x_refsource_CONFIRM
	https://github.com/isaacs/node-glob/commit/1e4e29…	x_refsource_MISC
	https://github.com/isaacs/node-glob/commit/47473c…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	isaacs	node-glob	Affected: >= 10.2.0, < 10.5.0 Affected: >= 11.0.0, < 11.1.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-64756",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-17T18:24:55.363466Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-18T16:37:11.917Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-glob",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 10.2.0, \u003c 10.5.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.0.0, \u003c 11.1.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c \u003ccommand\u003e \u003cpatterns\u003e are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-19T02:30:44.520Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
        },
        {
          "name": "https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f"
        },
        {
          "name": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
        }
      ],
      "source": {
        "advisory": "GHSA-5j98-mcp5-4vw2",
        "discovery": "UNKNOWN"
      },
      "title": "glob CLI: Command injection via -c/--cmd executes matches with shell:true"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-64756",
    "datePublished": "2025-11-17T17:29:08.029Z",
    "dateReserved": "2025-11-10T22:29:34.874Z",
    "dateUpdated": "2025-11-19T02:30:44.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-66031 (GCVE-0-2025-66031)

Vulnerability from cvelistv5 – Published: 2025-11-26 22:23 – Updated: 2025-11-28 18:27

Title

node-forge ASN.1 Unbounded Recursion

Summary

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.

Severity ?

8.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-674 - Uncontrolled Recursion

Assigner

GitHub_M

References

URL

Tags

	https://github.com/digitalbazaar/forge/security/a…	x_refsource_CONFIRM
	https://github.com/digitalbazaar/forge/commit/260…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	digitalbazaar	forge	Affected: < 1.3.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66031",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-28T18:26:11.800439Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-28T18:27:06.242Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "forge",
          "vendor": "digitalbazaar",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.3.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674: Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-26T22:23:26.013Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
        },
        {
          "name": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
        }
      ],
      "source": {
        "advisory": "GHSA-554w-wpv2-vw27",
        "discovery": "UNKNOWN"
      },
      "title": "node-forge ASN.1 Unbounded Recursion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-66031",
    "datePublished": "2025-11-26T22:23:26.013Z",
    "dateReserved": "2025-11-21T01:08:02.614Z",
    "dateUpdated": "2025-11-28T18:27:06.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-12816 (GCVE-0-2025-12816)

Vulnerability from cvelistv5 – Published: 2025-11-25 19:15 – Updated: 2025-11-25 21:04

Title

CVE-2025-12816

Summary

An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.

Severity ?

No CVSS data available.

CWE

CWE-436 Interpretation Conflict

Assigner

certcc

References

URL

Tags

	https://www.npmjs.com/package/node-forge
	https://github.com/digitalbazaar/forge/pull/1124
	https://github.com/digitalbazaar/forge
	https://kb.cert.org/vuls/id/521113	third-party-advisory
	https://github.com/digitalbazaar/forge/security/a…	third-party-advisory

Impacted products

Vendor

Product

Version

Digital Bazaar

node-forge

Affected: 0 , ≤ 1.3.1 (semver)

Digital Bazaar

forge

Affected: 0 , ≤ 1.3.1 (semver)

Credits

This issue was reported by Hunter Wodzenski of Palo Alto Networks

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 8.6,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-12816",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-25T20:21:37.225634Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-436",
                "description": "CWE-436 Interpretation Conflict",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-25T20:24:22.734Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-25T21:04:09.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.kb.cert.org/vuls/id/521113"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-forge",
          "vendor": "Digital Bazaar",
          "versions": [
            {
              "lessThanOrEqual": "1.3.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "product": "forge",
          "vendor": "Digital Bazaar",
          "versions": [
            {
              "lessThanOrEqual": "1.3.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This issue was reported by Hunter Wodzenski of Palo Alto Networks"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "schemaVersion": "2.0.0",
              "selections": [
                {
                  "definition": "The present state of exploitation of the vulnerability.",
                  "key": "E",
                  "name": "Exploitation",
                  "namespace": "ssvc",
                  "values": [
                    {
                      "key": "P",
                      "name": "Public PoC"
                    }
                  ],
                  "version": "1.1.0"
                },
                {
                  "definition": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
                  "key": "A",
                  "name": "Automatable",
                  "namespace": "ssvc",
                  "values": [
                    {
                      "key": "N",
                      "name": "No"
                    }
                  ],
                  "version": "2.0.0"
                },
                {
                  "definition": "The technical impact of the vulnerability.",
                  "key": "TI",
                  "name": "Technical Impact",
                  "namespace": "ssvc",
                  "values": [
                    {
                      "key": "P",
                      "name": "Partial"
                    }
                  ],
                  "version": "1.0.0"
                }
              ],
              "timestamp": "2025-11-07T15:47:01.238Z"
            },
            "type": "ssvcV2_0_0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-436 Interpretation Conflict",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-25T19:29:31.487Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "url": "https://www.npmjs.com/package/node-forge"
        },
        {
          "url": "https://github.com/digitalbazaar/forge/pull/1124"
        },
        {
          "url": "https://github.com/digitalbazaar/forge"
        },
        {
          "name": "CERT/CC Vulnerability Notice",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://kb.cert.org/vuls/id/521113"
        },
        {
          "name": "Github Security Advisory",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "CVE-2025-12816",
      "x_generator": {
        "engine": "VINCE 3.0.29",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2025-12816"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2025-12816",
    "datePublished": "2025-11-25T19:15:50.243Z",
    "dateReserved": "2025-11-06T17:11:38.255Z",
    "dateUpdated": "2025-11-25T21:04:09.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2025:22938

CVE-2025-64756 (GCVE-0-2025-64756)

CVE-2025-66031 (GCVE-0-2025-66031)

CVE-2025-12816 (GCVE-0-2025-12816)

Tags

Sightings

Nomenclature