suse-su-2025:3785-1
Vulnerability from csaf_suse
Published: 2025-10-24 13:28
Modified: 2025-10-24 13:28
Summary: Security update for afterburn

Notes

Title of the patch
Security update for afterburn
Description of the patch
This update for afterburn fixes the following issues:

Update to version 5.9.0.git21.a73f509.

Security issues fixed:

- CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large
  repetitions on empty sub-expressions can lead to excessive resource consumption and denial of service (bsc#1196972).
- CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect
  hostname comparisons and incorrect URL parsing (bsc#1243850).
- CVE-2025-5791: users: `root` user being appended to group listings whenever listing does not have exactly 1024 groups
  can lead to privilege escalation when information is used for access control (bsc#1244199).
- CVE-2025-3416: openssl: passing of `Some(...)` value as `properties` argument to `Md::fetch` or `Cipher::fetch` can
  lead to use-after-free (bsc#1242665).

Other issues fixed:

- Fixed in version 5.9.0.git21.a73f509:
  * cargo: update dependencies
  * microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat
  * microsoft/azure: Fix SharedConfig parsing of XML attributes
  * microsoft/azure: Mock goalstate.SharedConfig output in tests
  * providers/azure: switch SSH key retrieval from certs endpoint to IMDS as azure stopped providing keys in the old one (bsc#1250471).
  * upcloud: implement UpCloud provider
  * Update several build dependencies

- Fixed in version 5.9.0:
  * cargo: update dependencies
  * dracut: Return 255 in module-setup
  * oraclecloud: add release note and move base URL to constant
  * oraclecloud: implement oraclecloud provider
  * Update several build dependencies

- Fixed in version 5.8.2:
  * cargo: update dependencies
  * packit: add initial support

- Fixed in version 5.7.0.git103.bae893c:
  * proxmoxve: Add more context to log messages.
  * proxmoxve: Remove unneeded fields
  * proxmoxve: Add tests for static network configuration from cloud-init.
  * proxmoxve: Add support for static network configuration from cloud-init.
  * providers/openstack: ignore ec2 metadata if not present
  * proxmox: use noop provider if no configdrive
  * Update several build dependencies

- Fixed in version 5.7.0:
  * cargo: update dependencies
  * dhcp: replace dbus_proxy with proxy, and zbus traits
  * providers/hetzner: private ipv4 addresses in attributes
  * openstack: Document the two platforms
  * microsoft/azure: allow empty certificate chain in PKCS12 file
  * proxmoxve: implement proxmoxve provider
  * providers/hetzner: fix duplicate attribute prefix
  * lint: silence deadcode warnings
  * lint: address latest lint's from msrv update
  * cargo: update msrv to 1.75
  * providers: Add 'akamai' provider
  * providers/vmware: add missing public functions for non-amd64
  * providers/vmware: Process guestinfo.metadata netplan configuration
  * kubevirt: Run afterburn-hostname service
  * providers: add support for scaleway
  * Move away from deprecated `users` to `uzers`
  * providers/hetzner: add support for Hetzner Cloud
  * cargo: update MSRV to 1.71
  * cargo: specify required features for nix dependency
  * openstack: Add attribute OPENSTACK_INSTANCE_UUID
  * cargo: allow openssl 0.10.46
  * build-sys: Use new tier = 2 for cargo-vendor-filterer
  * cargo: fix minimum version of openssl crate
  * microsoft/crypto/mod: replace deprecated function `parse` with `parse2`
  * cli: switch to clap derive
  * cli: add descriptive value names for option arguments in --help
  * cli: have clap require exactly one of --cmdline/--provider
  * providers/`*`: move endpoint mocking into retry::Client
  * retry/client: move URL parsing into helper function
  * providers/microsoft: import crate::retry
  * providers/microsoft: use stored client for all fetches
  * providers/packet: use stored client for boot checkin
  * initrd: remember to write trailing newline to network kargs file
  * util: drop obsolete 'OEM' terminology
  * Inline variables into format strings
  * Update several build dependencies

- Fixed in version 5.4.1:
  * cargo: add configuration for cargo-vendor-filterer
  * util: support DHCP option lookup from NetworkManager
  * util: factor out retries of DHCP option lookup
  * util: refactor DHCP option query helper into an enum
  * util: move dns_lease_key_lookup() to a separate module
  * cargo: update MSRV to 1.66
  * cargo: update all packages to fix build error
  * cargo: continue to support openssh-keys 0.5
  * cargo: drop serde_derive crate in favor of serde derive feature
  * cargo: use consistent declaration syntax for slog dependency
  * cargo: drop unused dependencies
  * cargo: continue to support base64 0.13
  * cargo: continue to support mailparse 0.13.8
  * cargo: continue to support clap 3.1
  * cargo: stop enabling LTO in release builds
  * providers/ibmcloud: avoid error if an ssh key not found in metadata
  * systemd: add explicit ordering, after multi-user.target
  * network: fix clippy 1.63.0 lints
  * cargo: allow serde_yaml 0.8
  * cargo: update version ranges for post-1.x deps
  * providers: Use inline `format!` in a few places
  * *: bump MSRV to 1.58.0
  * cargo: update clap to 3.2.5
  * copr: mark git checkout as safe
  * providers/aws: expose instance availability-zone-id as AWS_AVAILABILITY_ZONE_ID
  * Update several build dependencies

- Fixed in version 5.3.0:
  * systemd: enable sshkeys on Power VS platform
  * network: Encode information for systemd-networkd-wait-online
  * cargo: update to clap 3.1
  * cargo: enable clap wrap_help feature
  * cli: run clap tests
  * cli: avoid deprecated clap constructs
  * cargo: update to clap 3.0
  * cli: use clap mechanism to require exp subcommand
  * cargo: declare MSRV in Cargo.toml
  * cargo: update to Rust 2021; bump MSRV to 1.56.0
  * copr: abort if specfile fetch fails
  * providers/aws: add AWS_IPV6 attribute
  * providers/aws: bump metadata version to 2021-01-03
  * kubevirt: Add KubeVirt platform support
  * *.service: add/update Documentation field
  * aws/mock_tests: explicitly drop mocks before resetting
  * aws/mock_tests: split out IMDS tests
  * aws/mock_tests: factor out map building
  * *: use `RemainAfterExit` on all oneshot services
  * Update several build dependencies
Patchnames
SUSE-2025-3785,SUSE-SLE-Micro-5.4-2025-3785
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for afterburn",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for afterburn fixes the following issues:\n\nUpdate to version 5.9.0.git21.a73f509.\n\nSecurity issues fixed:\n\n- CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large\n  repetitions on empty sub-expressions can lead to excessive resource consumption and denial of service (bsc#1196972).\n- CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect\n  hostname comparisons and incorrect URL parsing (bsc#1243850).\n- CVE-2025-5791: users: `root` user being appended to group listings whenever listing does not have exactly 1024 groups\n  can lead to privilege escalation when information is used for access control (bsc#1244199).\n- CVE-2025-3416: openssl: passing of `Some(...)` value as `properties` argument to `Md::fetch` or `Cipher::fetch` can\n  lead to use-after-free (bsc#1242665).\n\nOther issues fixed:\n\n- Fixed in version 5.9.0.git21.a73f509:\n  * cargo: update dependencies\n  * microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat\n  * microsoft/azure: Fix SharedConfig parsing of XML attributes\n  * microsoft/azure: Mock goalstate.SharedConfig output in tests\n  * providers/azure: switch SSH key retrieval from certs endpoint to IMDS as azure stopped providing keys in the old one (bsc#1250471).\n  * upcloud: implement UpCloud provider\n  * Update several build dependencies\n    \n- Fixed in version 5.9.0:\n  * cargo: update dependencies\n  * dracut: Return 255 in module-setup\n  * oraclecloud: add release note and move base URL to constant\n  * oraclecloud: implement oraclecloud provider\n  * Update several build dependencies\n\n- Fixed in version 5.8.2:\n  * cargo: update dependencies\n  * packit: add initial support\n\n- Fixed in version 5.7.0.git103.bae893c:\n  * proxmoxve: Add more context to log messages.\n  * proxmoxve: Remove unneeded fields\n  * proxmoxve: Add tests for static network configuration 
from cloud-init.\n  * proxmoxve: Add support for static network configuration from cloud-init.\n  * providers/openstack: ignore ec2 metadata if not present\n  * proxmox: use noop provider if no configdrive\n  * Update several build dependencies\n\n- Fixed in version 5.7.0:\n  * cargo: update dependencies\n  * dhcp: replace dbus_proxy with proxy, and zbus traits\n  * providers/hetzner: private ipv4 addresses in attributes\n  * openstack: Document the two platforms\n  * microsoft/azure: allow empty certificate chain in PKCS12 file\n  * proxmoxve: implement proxmoxve provider\n  * providers/hetzner: fix duplicate attribute prefix\n  * lint: silence deadcode warnings\n  * lint: address latest lint\u0027s from msrv update\n  * cargo: update msrv to 1.75\n  * providers: Add \u0027akamai\u0027 provider\n  * providers/vmware: add missing public functions for non-amd64\n  * providers/vmware: Process guestinfo.metadata netplan configuration\n  * kubevirt: Run afterburn-hostname service\n  * providers: add support for scaleway\n  * Move away from deprecated `users` to `uzers`\n  * providers/hetzner: add support for Hetzner Cloud\n  * cargo: update MSRV to 1.71\n  * cargo: specify required features for nix dependency\n  * openstack: Add attribute OPENSTACK_INSTANCE_UUID\n  * cargo: allow openssl 0.10.46\n  * build-sys: Use new tier = 2 for cargo-vendor-filterer\n  * cargo: fix minimum version of openssl crate\n  * microsoft/crypto/mod: replace deprecated function `parse` with `parse2`\n  * cli: switch to clap derive\n  * cli: add descriptive value names for option arguments in --help\n  * cli: have clap require exactly one of --cmdline/--provider\n  * providers/`*`: move endpoint mocking into retry::Client\n  * retry/client: move URL parsing into helper function\n  * providers/microsoft: import crate::retry\n  * providers/microsoft: use stored client for all fetches\n  * providers/packet: use stored client for boot checkin\n  * initrd: remember to write trailing newline to 
network kargs file\n  * util: drop obsolete \u0027OEM\u0027 terminology\n  * Inline variables into format strings\n  * Update several build dependencies\n\n- Fixed in version 5.4.1:\n  * cargo: add configuration for cargo-vendor-filterer\n  * util: support DHCP option lookup from NetworkManager\n  * util: factor out retries of DHCP option lookup\n  * util: refactor DHCP option query helper into an enum\n  * util: move dns_lease_key_lookup() to a separate module\n  * cargo: update MSRV to 1.66\n  * cargo: update all packages to fix build error\n  * cargo: continue to support openssh-keys 0.5\n  * cargo: drop serde_derive crate in favor of serde derive feature\n  * cargo: use consistent declaration syntax for slog dependency\n  * cargo: drop unused dependencies\n  * cargo: continue to support base64 0.13\n  * cargo: continue to support mailparse 0.13.8\n  * cargo: continue to support clap 3.1\n  * cargo: stop enabling LTO in release builds\n  * providers/ibmcloud: avoid error if an ssh key not found in metadata\n  * systemd: add explicit ordering, after multi-user.target\n  * network: fix clippy 1.63.0 lints\n  * cargo: allow serde_yaml 0.8\n  * cargo: update version ranges for post-1.x deps\n  * providers: Use inline `format!` in a few places\n  * *: bump MSRV to 1.58.0\n  * cargo: update clap to 3.2.5\n  * copr: mark git checkout as safe\n  * providers/aws: expose instance availability-zone-id as AWS_AVAILABILITY_ZONE_ID\n  * Update several build dependencies\n\n- Fixed in version 5.3.0:\n  * systemd: enable sshkeys on Power VS platform\n  * network: Encode information for systemd-networkd-wait-online\n  * cargo: update to clap 3.1\n  * cargo: enable clap wrap_help feature\n  * cli: run clap tests\n  * cli: avoid deprecated clap constructs\n  * cargo: update to clap 3.0\n  * cli: use clap mechanism to require exp subcommand\n  * cargo: declare MSRV in Cargo.toml\n  * cargo: update to Rust 2021; bump MSRV to 1.56.0\n  * copr: abort if specfile fetch fails\n  * 
providers/aws: add AWS_IPV6 attribute\n  * providers/aws: bump metadata version to 2021-01-03\n  * kubevirt: Add KubeVirt platform support\n  * *.service: add/update Documentation field\n  * aws/mock_tests: explicitly drop mocks before resetting\n  * aws/mock_tests: split out IMDS tests\n  * aws/mock_tests: factor out map building\n  * *: use `RemainAfterExit` on all oneshot services\n  * Update several build dependencies\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-3785,SUSE-SLE-Micro-5.4-2025-3785",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3785-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:3785-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253785-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:3785-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042302.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196972",
        "url": "https://bugzilla.suse.com/1196972"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1242665",
        "url": "https://bugzilla.suse.com/1242665"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1243850",
        "url": "https://bugzilla.suse.com/1243850"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244199",
        "url": "https://bugzilla.suse.com/1244199"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244675",
        "url": "https://bugzilla.suse.com/1244675"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1250471",
        "url": "https://bugzilla.suse.com/1250471"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24713 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24713/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-12224 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-12224/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-3416 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-3416/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-5791 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-5791/"
      }
    ],
    "title": "Security update for afterburn",
    "tracking": {
      "current_release_date": "2025-10-24T13:28:23Z",
      "generator": {
        "date": "2025-10-24T13:28:23Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:3785-1",
      "initial_release_date": "2025-10-24T13:28:23Z",
      "revision_history": [
        {
          "date": "2025-10-24T13:28:23Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
                "product": {
                  "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
                  "product_id": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch",
                "product": {
                  "name": "afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch",
                  "product_id": "afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.ppc64le",
                "product": {
                  "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.ppc64le",
                  "product_id": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.s390x",
                "product": {
                  "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.s390x",
                  "product_id": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
                "product": {
                  "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
                  "product_id": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.4",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.4",
                  "product_id": "SUSE Linux Enterprise Micro 5.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64"
        },
        "product_reference": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64"
        },
        "product_reference": "afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
        },
        "product_reference": "afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-24713",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24713"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it\u0027s considered part of the crate\u0027s API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it\u0027s possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
          "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
          "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24713",
          "url": "https://www.suse.com/security/cve/CVE-2022-24713"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196972 for CVE-2022-24713",
          "url": "https://bugzilla.suse.com/1196972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-24713",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-24T13:28:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24713"
    },
    {
      "cve": "CVE-2024-12224",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-12224"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
          "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
          "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-12224",
          "url": "https://www.suse.com/security/cve/CVE-2024-12224"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1243848 for CVE-2024-12224",
          "url": "https://bugzilla.suse.com/1243848"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-24T13:28:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-12224"
    },
    {
      "cve": "CVE-2025-3416",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-3416"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in OpenSSL\u0027s handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
          "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
          "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-3416",
          "url": "https://www.suse.com/security/cve/CVE-2025-3416"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1242599 for CVE-2025-3416",
          "url": "https://bugzilla.suse.com/1242599"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-24T13:28:23Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-3416"
    },
    {
      "cve": "CVE-2025-5791",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-5791"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the user\u0027s crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
          "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
          "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-5791",
          "url": "https://www.suse.com/security/cve/CVE-2025-5791"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244187 for CVE-2025-5791",
          "url": "https://bugzilla.suse.com/1244187"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-5.9.0.git21.a73f509-150400.3.3.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:afterburn-dracut-5.9.0.git21.a73f509-150400.3.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-24T13:28:23Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-5791"
    }
  ]
}

