Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-27613 (GCVE-0-2025-27613)
Vulnerability from cvelistv5 – Published: 2025-07-10 14:58 – Updated: 2025-11-04 21:09
VLAI
EPSS
Title
Gitk can create and truncate files in the user's home directory
Summary
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/j6t/gitk/security/advisories/G… | x_refsource_CONFIRM |
| https://github.com/j6t/gitk/compare/465f03869ae11… | x_refsource_MISC |
| https://github.com/j6t/gitk/compare/7dd272eca1530… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2025… | |
| http://www.openwall.com/lists/oss-security/2025/07/08/4 |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T15:55:29.551008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T15:55:34.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:09:52.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/07/08/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "gitk",
"vendor": "j6t",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.7.0, \u003c 2.43.7"
},
{
"status": "affected",
"version": "\u003e= 2.44.0, \u003c 2.44.4"
},
{
"status": "affected",
"version": "\u003e= 2.45.0, \u003c 2.45.4"
},
{
"status": "affected",
"version": "\u003e= 2.46.0, \u003c 2.46.4"
},
{
"status": "affected",
"version": "\u003e= 2.47.0, \u003c 2.47.3"
},
{
"status": "affected",
"version": "\u003e= 2.48.0, \u003c 2.48.2"
},
{
"status": "affected",
"version": "\u003e= 2.49.0, \u003c 2.49.1"
},
{
"status": "affected",
"version": "\u003e= 2.50.0, \u003c 2.50.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk\u0027s Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T14:58:16.752Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v"
},
{
"name": "https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5"
},
{
"name": "https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652"
}
],
"source": {
"advisory": "GHSA-f3cw-xrj3-wr2v",
"discovery": "UNKNOWN"
},
"title": "Gitk can create and truncate files in the user\u0027s home directory"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-27613",
"datePublished": "2025-07-10T14:58:16.752Z",
"dateReserved": "2025-03-03T15:10:34.079Z",
"dateUpdated": "2025-11-04T21:09:52.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-27613",
"date": "2026-06-18",
"epss": "0.00287",
"percentile": "0.20237"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-27613\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-07-10T15:15:26.243\",\"lastModified\":\"2025-11-04T22:16:08.857\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk\u0027s Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.\"},{\"lang\":\"es\",\"value\":\"Gitk es un explorador de historial de Git basado en Tcl/Tk. A partir de la versi\u00f3n 1.7.0, cuando un usuario clona un repositorio no confiable y ejecuta Gitk sin argumentos de comando adicionales, se pueden crear y truncar archivos con permiso de escritura. La opci\u00f3n \\\"Compatibilidad con codificaci\u00f3n por archivo\\\" debe estar habilitada previamente en las Preferencias de Gitk. Esta opci\u00f3n est\u00e1 deshabilitada por defecto. Lo mismo ocurre cuando se usa \\\"Mostrar el origen de esta l\u00ednea\\\" en la ventana principal (independientemente de si \\\"Compatibilidad con codificaci\u00f3n por archivo\\\" est\u00e1 habilitada o no). Esta vulnerabilidad est\u00e1 corregida en las versiones 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1 y 2.50.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N\",\"baseScore\":3.6,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"references\":[{\"url\":\"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v\",\"source\":\"security-advisories@github.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/07/08/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/07/08/4\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:09:52.727Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-27613\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-10T15:55:29.551008Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-10T15:55:32.318Z\"}}], \"cna\": {\"title\": \"Gitk can create and truncate files in the user\u0027s home directory\", \"source\": {\"advisory\": \"GHSA-f3cw-xrj3-wr2v\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 3.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"j6t\", \"product\": \"gitk\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.7.0, \u003c 2.43.7\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.44.0, \u003c 2.44.4\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.45.0, \u003c 2.45.4\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.46.0, \u003c 2.46.4\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.47.0, \u003c 2.47.3\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.48.0, \u003c 2.48.2\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.49.0, \u003c 2.49.1\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.50.0, \u003c 2.50.1\"}]}], \"references\": [{\"url\": \"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v\", \"name\": \"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5\", \"name\": \"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652\", \"name\": \"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk\u0027s Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-07-10T14:58:16.752Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-27613\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T21:09:52.727Z\", \"dateReserved\": \"2025-03-03T15:10:34.079Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-07-10T14:58:16.752Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2025-1485
Vulnerability from csaf_certbund - Published: 2025-07-08 22:00 - Updated: 2025-10-26 23:00Summary
Microsoft Developer Tools und git: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Microsoft Visual Studio ist eine integrierte Entwicklungsumgebung für Hochsprachen.
Visual Studio Code ist ein Quelltext-Editor von Microsoft.
Git ist eine freie Software zur verteilten Versionsverwaltung von Dateien.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Microsoft Visual Studio, Microsoft Visual Studio Code und git ausnutzen, um Administratorrechte zu erlangen, beliebigen Code auszuführen, Daten zu manipulieren, einen Denial-of-Service-Zustand zu erzeugen und andere nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- UNIX
- Windows
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
cPanel cPanel/WHM <130.0.2
cPanel / cPanel/WHM
|
<130.0.2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)
Microsoft / Visual Studio 2017
|
version 15.9 (includes 15.0-15.8) | ||
|
Microsoft Visual Studio 2015 Update 3
Microsoft / Visual Studio 2015
|
cpe:/a:microsoft:visual_studio_2015:update_3
|
Update 3 | |
|
Microsoft Visual Studio Code Python extension for Visual Studio Code
Microsoft / Visual Studio Code
|
cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code
|
Python extension for Visual Studio Code | |
|
Microsoft Visual Studio 2022 version 17.8
Microsoft / Visual Studio 2022
|
version 17.8 | ||
|
Open Source git <2.44.4
Open Source / git
|
<2.44.4 | ||
|
Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)
Microsoft / Visual Studio 2019
|
version 16.11 (includes 16.0-16.10) | ||
|
Open Source git <2.43.7
Open Source / git
|
<2.43.7 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.80
Red Hat / OpenShift
|
Container Platform <4.12.80 | ||
|
Red Hat OpenShift Container Platform <4.15.57
Red Hat / OpenShift
|
Container Platform <4.15.57 | ||
|
Red Hat OpenShift Container Platform <4.17.38
Red Hat / OpenShift
|
Container Platform <4.17.38 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Microsoft Visual Studio 2022 version 17.12
Microsoft / Visual Studio 2022
|
version 17.12 | ||
|
Open Source git <2.46.4
Open Source / git
|
<2.46.4 | ||
|
Microsoft Visual Studio 2022 version 17.10
Microsoft / Visual Studio 2022
|
version 17.10 | ||
|
Open Source git <2.45.4
Open Source / git
|
<2.45.4 | ||
|
Open Source Gitea <1.24.3
Open Source / Gitea
|
<1.24.3 | ||
|
Open Source git <2.48.2
Open Source / git
|
<2.48.2 | ||
|
Microsoft Visual Studio 2022 version 17.14
Microsoft / Visual Studio 2022
|
version 17.14 | ||
|
Open Source git <2.47.3
Open Source / git
|
<2.47.3 | ||
|
Red Hat OpenShift Container Platform <4.18.22
Red Hat / OpenShift
|
Container Platform <4.18.22 | ||
|
Open Source git <2.49.1
Open Source / git
|
<2.49.1 |
References
48 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Microsoft Visual Studio ist eine integrierte Entwicklungsumgebung f\u00fcr Hochsprachen.\r\nVisual Studio Code ist ein Quelltext-Editor von Microsoft.\r\nGit ist eine freie Software zur verteilten Versionsverwaltung von Dateien.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Visual Studio, Microsoft Visual Studio Code und git ausnutzen, um Administratorrechte zu erlangen, beliebigen Code auszuf\u00fchren, Daten zu manipulieren, einen Denial-of-Service-Zustand zu erzeugen und andere nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1485 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1485.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1485 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1485"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "Mailing List OSS Security vom 2025-07-18",
"url": "https://seclists.org/oss-sec/2025/q3/13"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-B5FE483928 vom 2025-07-09",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-b5fe483928"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-0B7E43532E vom 2025-07-09",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-0b7e43532e"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202507-09 vom 2025-07-09",
"url": "https://security.gentoo.org/glsa/202507-09"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7626-1 vom 2025-07-08",
"url": "https://ubuntu.com/security/notices/USN-7626-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7626-2 vom 2025-07-09",
"url": "https://ubuntu.com/security/notices/USN-7626-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7626-3 vom 2025-07-11",
"url": "https://ubuntu.com/security/notices/USN-7626-3"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15337-1 vom 2025-07-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PEXXCKK2SHLP467JELDLXOF647W7254W/"
},
{
"category": "external",
"summary": "PoC von Datadog vom 2025-07-14",
"url": "https://securitylabs.datadoghq.com/articles/git-arbitrary-file-write/"
},
{
"category": "external",
"summary": "cPanel \u0026 WHM Change Log vom 2025-07-14",
"url": "https://docs.cpanel.net/changelogs/130-change-log/"
},
{
"category": "external",
"summary": "Gitea Release Notes vom 2025-07-16",
"url": "https://blog.gitea.com/release-of-1.24.3"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11462 vom 2025-07-22",
"url": "https://linux.oracle.com/errata/ELSA-2025-11462.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11462 vom 2025-07-21",
"url": "https://access.redhat.com/errata/RHSA-2025:11462"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11534 vom 2025-07-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-11534.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11533 vom 2025-07-22",
"url": "https://access.redhat.com/errata/RHSA-2025:11533"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11534 vom 2025-07-22",
"url": "https://access.redhat.com/errata/RHSA-2025:11534"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11533 vom 2025-07-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-11533.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11688 vom 2025-07-24",
"url": "https://access.redhat.com/errata/RHSA-2025:11688"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11686 vom 2025-07-24",
"url": "https://access.redhat.com/errata/RHSA-2025:11686"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11793 vom 2025-07-25",
"url": "https://access.redhat.com/errata/RHSA-2025:11793"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11801 vom 2025-07-28",
"url": "https://access.redhat.com/errata/RHSA-2025:11801"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11800 vom 2025-07-28",
"url": "https://access.redhat.com/errata/RHSA-2025:11800"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11794 vom 2025-07-28",
"url": "https://access.redhat.com/errata/RHSA-2025:11794"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11796 vom 2025-07-28",
"url": "https://access.redhat.com/errata/RHSA-2025:11796"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11795 vom 2025-07-28",
"url": "https://access.redhat.com/errata/RHSA-2025:11795"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2941 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2941.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13276 vom 2025-08-07",
"url": "https://access.redhat.com/errata/RHSA-2025:13276"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13325 vom 2025-08-13",
"url": "https://access.redhat.com/errata/RHSA-2025:13325"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11688 vom 2025-08-14",
"url": "https://linux.oracle.com/errata/ELSA-2025-11688.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13933 vom 2025-08-20",
"url": "https://access.redhat.com/errata/RHSA-2025:13933"
},
{
"category": "external",
"summary": "CISA KEV Catalog vom 2025-08-26",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14396 vom 2025-08-28",
"url": "https://access.redhat.com/errata/RHSA-2025:14396"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14059 vom 2025-08-28",
"url": "https://access.redhat.com/errata/RHSA-2025:14059"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03012-1 vom 2025-08-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022328.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03022-1 vom 2025-08-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022330.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03037-1 vom 2025-09-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ND5DRF6G47U5LGV54CLRCRAWDF7ADJUG/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14853 vom 2025-09-04",
"url": "https://access.redhat.com/errata/RHSA-2025:14853"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14858 vom 2025-09-04",
"url": "https://access.redhat.com/errata/RHSA-2025:14858"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15308 vom 2025-09-11",
"url": "https://access.redhat.com/errata/RHSA-2025:15308"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15828 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15828"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15827 vom 2025-09-15",
"url": "https://access.redhat.com/errata/RHSA-2025:15827"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15672 vom 2025-09-18",
"url": "https://access.redhat.com/errata/RHSA-2025:15672"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20721-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022684.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4323 vom 2025-10-06",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20855-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023023.html"
}
],
"source_lang": "en-US",
"title": "Microsoft Developer Tools und git: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-26T23:00:00.000+00:00",
"generator": {
"date": "2025-10-27T10:04:19.260+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1485",
"initial_release_date": "2025-07-08T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-08T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-07-09T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von European Union Vulnerability Database und Ubuntu aufgenommen"
},
{
"date": "2025-07-13T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-07-14T22:00:00.000+00:00",
"number": "5",
"summary": "PoC aufgenommen"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-07-21T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-22T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-07-23T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-27T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-30T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-13T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-25T22:00:00.000+00:00",
"number": "17",
"summary": "Exploit aufgenommen"
},
{
"date": "2025-08-27T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-28T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-31T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-01T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-04T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-11T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-15T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-17T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-28T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "28"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Update 3",
"product": {
"name": "Microsoft Visual Studio 2015 Update 3",
"product_id": "T045168",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:visual_studio_2015:update_3"
}
}
}
],
"category": "product_name",
"name": "Visual Studio 2015"
},
{
"branches": [
{
"category": "product_version_range",
"name": "version 15.9 (includes 15.0-15.8)",
"product": {
"name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)",
"product_id": "T045169"
}
}
],
"category": "product_name",
"name": "Visual Studio 2017"
},
{
"branches": [
{
"category": "product_version_range",
"name": "version 16.11 (includes 16.0-16.10)",
"product": {
"name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)",
"product_id": "T045171"
}
}
],
"category": "product_name",
"name": "Visual Studio 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "version 17.8",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.8",
"product_id": "T045172"
}
},
{
"category": "product_version_range",
"name": "version 17.10",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.10",
"product_id": "T045173"
}
},
{
"category": "product_version_range",
"name": "version 17.12",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.12",
"product_id": "T045174"
}
},
{
"category": "product_version_range",
"name": "version 17.14",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.14",
"product_id": "T045175"
}
}
],
"category": "product_name",
"name": "Visual Studio 2022"
},
{
"branches": [
{
"category": "product_version",
"name": "Python extension for Visual Studio Code",
"product": {
"name": "Microsoft Visual Studio Code Python extension for Visual Studio Code",
"product_id": "T045170",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:visual_studio_code:python_extension_for_visual_studio_code"
}
}
}
],
"category": "product_name",
"name": "Visual Studio Code"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.24.3",
"product": {
"name": "Open Source Gitea \u003c1.24.3",
"product_id": "T045470"
}
},
{
"category": "product_version",
"name": "1.24.3",
"product": {
"name": "Open Source Gitea 1.24.3",
"product_id": "T045470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gitea:gitea:1.24.3"
}
}
}
],
"category": "product_name",
"name": "Gitea"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.43.7",
"product": {
"name": "Open Source git \u003c2.43.7",
"product_id": "T045193"
}
},
{
"category": "product_version",
"name": "2.43.7",
"product": {
"name": "Open Source git 2.43.7",
"product_id": "T045193-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:git:2.43.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.44.4",
"product": {
"name": "Open Source git \u003c2.44.4",
"product_id": "T045194"
}
},
{
"category": "product_version",
"name": "2.44.4",
"product": {
"name": "Open Source git 2.44.4",
"product_id": "T045194-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:git:2.44.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.45.4",
"product": {
"name": "Open Source git \u003c2.45.4",
"product_id": "T045195"
}
},
{
"category": "product_version",
"name": "2.45.4",
"product": {
"name": "Open Source git 2.45.4",
"product_id": "T045195-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:git:2.45.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.46.4",
"product": {
"name": "Open Source git \u003c2.46.4",
"product_id": "T045196"
}
},
{
"category": "product_version",
"name": "2.46.4",
"product": {
"name": "Open Source git 2.46.4",
"product_id": "T045196-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:git:2.46.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.47.3",
"product": {
"name": "Open Source git \u003c2.47.3",
"product_id": "T045197"
}
},
{
"category": "product_version",
"name": "2.47.3",
"product": {
"name": "Open Source git 2.47.3",
"product_id": "T045197-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:git:2.47.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.48.2",
"product": {
"name": "Open Source git \u003c2.48.2",
"product_id": "T045198"
}
},
{
"category": "product_version",
"name": "2.48.2",
"product": {
"name": "Open Source git 2.48.2",
"product_id": "T045198-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:git:2.48.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.49.1",
"product": {
"name": "Open Source git \u003c2.49.1",
"product_id": "T045199"
}
},
{
"category": "product_version",
"name": "2.49.1",
"product": {
"name": "Open Source git 2.49.1",
"product_id": "T045199-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:git:2.49.1"
}
}
}
],
"category": "product_name",
"name": "git"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform",
"product": {
"name": "Red Hat OpenShift Container Platform",
"product_id": "T040130",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.18.22",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.18.22",
"product_id": "T046065"
}
},
{
"category": "product_version",
"name": "Container Platform 4.18.22",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18.22",
"product_id": "T046065-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.18.22"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.15.57",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.15.57",
"product_id": "T046523"
}
},
{
"category": "product_version",
"name": "Container Platform 4.15.57",
"product": {
"name": "Red Hat OpenShift Container Platform 4.15.57",
"product_id": "T046523-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.15.57"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.38",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.38",
"product_id": "T046524"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.38",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.38",
"product_id": "T046524-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.38"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.12.80",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.12.80",
"product_id": "T046943"
}
},
{
"category": "product_version",
"name": "Container Platform 4.12.80",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12.80",
"product_id": "T046943-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.12.80"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c130.0.2",
"product": {
"name": "cPanel cPanel/WHM \u003c130.0.2",
"product_id": "T045349"
}
},
{
"category": "product_version",
"name": "130.0.2",
"product": {
"name": "cPanel cPanel/WHM 130.0.2",
"product_id": "T045349-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cpanel:cpanel_whm:130.0.2"
}
}
}
],
"category": "product_name",
"name": "cPanel/WHM"
}
],
"category": "vendor",
"name": "cPanel"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-27613",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-27613"
},
{
"cve": "CVE-2025-27614",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-27614"
},
{
"cve": "CVE-2025-46334",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-46334"
},
{
"cve": "CVE-2025-46835",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-46835"
},
{
"cve": "CVE-2025-48384",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-48384"
},
{
"cve": "CVE-2025-48385",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-48385"
},
{
"cve": "CVE-2025-48386",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-48386"
},
{
"cve": "CVE-2025-49714",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-49714"
},
{
"cve": "CVE-2025-49739",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T040130",
"T045349",
"398363",
"T045169",
"T045168",
"T045170",
"T045172",
"T045194",
"T045171",
"T045193",
"T012167",
"74185",
"T046943",
"T046523",
"T046524",
"2951",
"T002207",
"T000126",
"T027843",
"T045174",
"T045196",
"T045173",
"T045195",
"T045470",
"T045198",
"T045175",
"T045197",
"T046065",
"T045199"
]
},
"release_date": "2025-07-08T22:00:00.000+00:00",
"title": "CVE-2025-49739"
}
]
}
WID-SEC-W-2025-1905
Vulnerability from csaf_certbund - Published: 2025-08-25 22:00 - Updated: 2026-03-04 23:00Summary
IBM QRadar SIEM Komponente: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM Komponenten ausnutzen, um Daten zu manipulieren, um einen Denial of Service Angriff durchzuführen, um beliebigen Programmcode auszuführen, um Sicherheitsvorkehrungen zu umgehen, und um Informationen offenzulegen.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
References
8 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM Komponenten ausnutzen, um Daten zu manipulieren, um einen Denial of Service Angriff durchzuf\u00fchren, um beliebigen Programmcode auszuf\u00fchren, um Sicherheitsvorkehrungen zu umgehen, und um Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1905 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1905.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1905 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1905"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243011 vom 2025-08-25",
"url": "https://www.ibm.com/support/pages/node/7243011"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14746 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14746"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14748 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14748"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17161 vom 2025-10-21",
"url": "https://linux.oracle.com/errata/ELSA-2025-17161.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22910 vom 2026-01-29",
"url": "https://linux.oracle.com/errata/ELSA-2025-22910.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1581 vom 2026-03-04",
"url": "https://linux.oracle.com/errata/ELSA-2026-1581.html"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM Komponente: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-04T23:00:00.000+00:00",
"generator": {
"date": "2026-03-05T09:20:05.962+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-1905",
"initial_release_date": "2025-08-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-08-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-27T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-20T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-01-29T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-04T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP13 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP13 IF01",
"product_id": "T046492"
}
},
{
"category": "product_version",
"name": "7.5.0 UP13 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP13 IF01",
"product_id": "T046492-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up13_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17543",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2019-17543"
},
{
"cve": "CVE-2019-5427",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2019-5427"
},
{
"cve": "CVE-2020-5260",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2020-5260"
},
{
"cve": "CVE-2022-49058",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49058"
},
{
"cve": "CVE-2022-49111",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49111"
},
{
"cve": "CVE-2022-49136",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49136"
},
{
"cve": "CVE-2022-49788",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49788"
},
{
"cve": "CVE-2022-49846",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49846"
},
{
"cve": "CVE-2022-49977",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49977"
},
{
"cve": "CVE-2022-50020",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-50020"
},
{
"cve": "CVE-2024-23337",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-23337"
},
{
"cve": "CVE-2024-28956",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-34397",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-43420",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-43420"
},
{
"cve": "CVE-2024-45332",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-45332"
},
{
"cve": "CVE-2024-50154",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-50154"
},
{
"cve": "CVE-2024-50349",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-50349"
},
{
"cve": "CVE-2024-52006",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-52006"
},
{
"cve": "CVE-2024-52533",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-52533"
},
{
"cve": "CVE-2024-53920",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-53920"
},
{
"cve": "CVE-2024-54661",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-54661"
},
{
"cve": "CVE-2024-57980",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-58002",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-6531",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-6531"
},
{
"cve": "CVE-2025-20012",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-20012"
},
{
"cve": "CVE-2025-20623",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-20623"
},
{
"cve": "CVE-2025-21905",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21919",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21928",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21991",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-22004",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-22004"
},
{
"cve": "CVE-2025-22020",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-22020"
},
{
"cve": "CVE-2025-23150",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-24495",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-24495"
},
{
"cve": "CVE-2025-27613",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-27613"
},
{
"cve": "CVE-2025-27614",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-27614"
},
{
"cve": "CVE-2025-32415",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-37738",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37890",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-38052",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38052"
},
{
"cve": "CVE-2025-38079",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38086",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38086"
},
{
"cve": "CVE-2025-4373",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-46835",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-46835"
},
{
"cve": "CVE-2025-47273",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-47273"
},
{
"cve": "CVE-2025-48060",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48060"
},
{
"cve": "CVE-2025-48384",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48384"
},
{
"cve": "CVE-2025-48385",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48385"
},
{
"cve": "CVE-2025-49794",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49796",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-52434",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-52434"
},
{
"cve": "CVE-2025-52520",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-52520"
},
{
"cve": "CVE-2025-53506",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-53506"
},
{
"cve": "CVE-2025-55668",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-55668"
},
{
"cve": "CVE-2025-6021",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6965",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-7425",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-7425"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…