Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-11621 (GCVE-0-2025-11621)
Vulnerability from cvelistv5 – Published: 2025-10-23 19:08 – Updated: 2025-10-24 03:55
VLAI?
EPSS
Title
Vault AWS auth method bypass due to AWS client cache
Summary
Vault and Vault Enterprise’s (“Vault”) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27
Severity ?
8.1 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| HashiCorp | Vault |
Affected:
0.6.0 , < 1.21.0
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11621",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T03:55:22.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Vault",
"repo": "https://github.com/hashicorp/vault",
"vendor": "HashiCorp",
"versions": [
{
"lessThan": "1.21.0",
"status": "affected",
"version": "0.6.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Vault Enterprise",
"repo": "https://github.com/hashicorp/vault",
"vendor": "HashiCorp",
"versions": [
{
"changes": [
{
"at": "1.20.5",
"status": "unaffected"
},
{
"at": "1.19.11",
"status": "unaffected"
},
{
"at": "1.16.27",
"status": "unaffected"
}
],
"lessThan": "1.21.0",
"status": "affected",
"version": "0.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eVault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27\u003c/p\u003e\u003cbr/\u003e"
}
],
"value": "Vault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115: Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T19:08:54.989Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
}
],
"source": {
"advisory": "HCSEC-2025-30",
"discovery": "EXTERNAL"
},
"title": "Vault AWS auth method bypass due to AWS client cache"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2025-11621",
"datePublished": "2025-10-23T19:08:54.989Z",
"dateReserved": "2025-10-10T19:48:57.601Z",
"dateUpdated": "2025-10-24T03:55:22.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-11621\",\"sourceIdentifier\":\"security@hashicorp.com\",\"published\":\"2025-10-23T19:15:48.893\",\"lastModified\":\"2025-10-27T13:20:15.637\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@hashicorp.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security@hashicorp.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-288\"}]}],\"references\":[{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709\",\"source\":\"security@hashicorp.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-11621\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-23T20:31:11.603619Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-23T20:31:32.573Z\"}}], \"cna\": {\"title\": \"Vault AWS auth method bypass due to AWS client cache\", \"source\": {\"advisory\": \"HCSEC-2025-30\", \"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115: Authentication Bypass\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/hashicorp/vault\", \"vendor\": \"HashiCorp\", \"product\": \"Vault\", \"versions\": [{\"status\": \"affected\", \"version\": \"0.6.0\", \"lessThan\": \"1.21.0\", \"versionType\": \"semver\"}], \"platforms\": [\"64 bit\", \"32 bit\", \"x86\", \"ARM\", \"MacOS\", \"Windows\", \"Linux\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://github.com/hashicorp/vault\", \"vendor\": \"HashiCorp\", \"product\": \"Vault Enterprise\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"1.20.5\", \"status\": \"unaffected\"}, {\"at\": \"1.19.11\", \"status\": \"unaffected\"}, {\"at\": \"1.16.27\", \"status\": \"unaffected\"}], \"version\": \"0.6.0\", \"lessThan\": \"1.21.0\", \"versionType\": \"semver\"}], \"platforms\": [\"64 bit\", \"32 bit\", \"x86\", \"ARM\", \"MacOS\", \"Windows\", \"Linux\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vault and Vault Enterprise\\u2019s (\\u201cVault\\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eVault and Vault Enterprise\\u2019s (\\u201cVault\\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27\u003c/p\u003e\u003cbr/\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-288\", \"description\": \"CWE-288: Authentication Bypass Using an Alternate Path or Channel\"}]}], \"providerMetadata\": {\"orgId\": \"67fedba0-ff2e-4543-ba5b-aa93e87718cc\", \"shortName\": \"HashiCorp\", \"dateUpdated\": \"2025-10-23T19:08:54.989Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-11621\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-24T03:55:22.629Z\", \"dateReserved\": \"2025-10-10T19:48:57.601Z\", \"assignerOrgId\": \"67fedba0-ff2e-4543-ba5b-aa93e87718cc\", \"datePublished\": \"2025-10-23T19:08:54.989Z\", \"assignerShortName\": \"HashiCorp\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2025-11621
Vulnerability from fkie_nvd - Published: 2025-10-23 19:15 - Updated: 2025-10-27 13:20
Severity ?
Summary
Vault and Vault Enterprise’s (“Vault”) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27"
}
],
"id": "CVE-2025-11621",
"lastModified": "2025-10-27T13:20:15.637",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "security@hashicorp.com",
"type": "Secondary"
}
]
},
"published": "2025-10-23T19:15:48.893",
"references": [
{
"source": "security@hashicorp.com",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
}
],
"sourceIdentifier": "security@hashicorp.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-288"
}
],
"source": "security@hashicorp.com",
"type": "Secondary"
}
]
}
RHSA-2025:21981
Vulnerability from csaf_redhat - Published: 2025-11-24 16:47 - Updated: 2025-12-16 10:20Summary
Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release
Notes
Topic
The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator.
For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3
Details
The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19, and 4.20
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19, and 4.20",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21981",
"url": "https://access.redhat.com/errata/RHSA-2025:21981"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11621",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12044",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21981.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2025-12-16T10:20:29+00:00",
"generator": {
"date": "2025-12-16T10:20:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:21981",
"initial_release_date": "2025-11-24T16:47:41+00:00",
"revision_history": [
{
"date": "2025-11-24T16:47:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T11:24:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-16T10:20:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.3",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-backfill-redis-rhel9@sha256%3A57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.3.1-1763545636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-cli-rhel9@sha256%3A3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.3.1-1763547807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-server-rhel9@sha256%3A799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.3.1-1763545685"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11621",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"discovery_date": "2025-10-23T20:01:10.013624+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406096"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "RHBZ#2406096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d",
"url": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d"
}
],
"release_date": "2025-10-23T19:08:54.989000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T16:47:41+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21981"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache"
},
{
"cve": "CVE-2025-12044",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-23T20:01:21.807999+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406098"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise (\u201cVault\u201d) are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for [+HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393]\u00a0 which allowed for processing JSON payloads before applying rate limits. This vulnerability, CVE-2025-12044, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.16.27, 1.19.11, 1.20.5, and 1.21.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "RHBZ#2406098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406098"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6",
"url": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6"
}
],
"release_date": "2025-10-23T19:15:16.567000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T16:47:41+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21981"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:57f1db8dd5e9cb42078a20c065c1f3052175a88d77b656f4c8e903ab40088303_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:3782ef36eac0a40b3b8d018476d0af7505d2a81f0ccb993644e8c5f20f1cd566_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:799b0b86f83f0fdf450ecbd2726419570b15f6ec5ba5b814750d45b8269e4dac_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression"
}
]
}
RHSA-2025:21984
Vulnerability from csaf_redhat - Published: 2025-11-24 17:11 - Updated: 2025-12-16 10:20Summary
Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release
Notes
Topic
The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator.
For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3
Details
The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19, and 4.20
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19, and 4.20",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21984",
"url": "https://access.redhat.com/errata/RHSA-2025:21984"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11621",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12044",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21984.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2025-12-16T10:20:31+00:00",
"generator": {
"date": "2025-12-16T10:20:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:21984",
"initial_release_date": "2025-11-24T17:11:01+00:00",
"revision_history": [
{
"date": "2025-11-24T17:11:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T11:24:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-16T10:20:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.3",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64",
"product": {
"name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64",
"product_id": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64",
"product_identification_helper": {
"purl": "pkg:oci/timestamp-authority-rhel9@sha256%3A7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.3.1-1763543194"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
},
"product_reference": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11621",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"discovery_date": "2025-10-23T20:01:10.013624+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406096"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "RHBZ#2406096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d",
"url": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d"
}
],
"release_date": "2025-10-23T19:08:54.989000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T17:11:01+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21984"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache"
},
{
"cve": "CVE-2025-12044",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-23T20:01:21.807999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406098"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise (\u201cVault\u201d) are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for [+HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393]\u00a0 which allowed for processing JSON payloads before applying rate limits. This vulnerability, CVE-2025-12044, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.16.27, 1.19.11, 1.20.5, and 1.21.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "RHBZ#2406098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406098"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6",
"url": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6"
}
],
"release_date": "2025-10-23T19:15:16.567000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T17:11:01+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21984"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression"
}
]
}
RHSA-2025:22058
Vulnerability from csaf_redhat - Published: 2025-11-25 08:59 - Updated: 2025-12-16 10:20Summary
Red Hat Security Advisory: RHTAS 1.3.1 - Tech Preview Release Of the Policy Controller Operator
Notes
Topic
The Tech Preview release of the RHTAS Policy Controller Operator.
For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3
Details
The RHTAS Policy Controller Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18, and 4.19
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Tech Preview release of the RHTAS Policy Controller Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Policy Controller Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18, and 4.19",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22058",
"url": "https://access.redhat.com/errata/RHSA-2025:22058"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11621",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12044",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22058.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.3.1 - Tech Preview Release Of the Policy Controller Operator",
"tracking": {
"current_release_date": "2025-12-16T10:20:32+00:00",
"generator": {
"date": "2025-12-16T10:20:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:22058",
"initial_release_date": "2025-11-25T08:59:13+00:00",
"revision_history": [
{
"date": "2025-11-25T08:59:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T11:24:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-16T10:20:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.3",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64",
"product": {
"name": "registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64",
"product_id": "registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/policy-controller-rhel9@sha256%3A7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=0.0.2-1763550444"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
},
"product_reference": "registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11621",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"discovery_date": "2025-10-23T20:01:10.013624+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406096"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "RHBZ#2406096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d",
"url": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d"
}
],
"release_date": "2025-10-23T19:08:54.989000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T08:59:13+00:00",
"details": "The RHTAS Policy Controller Operator is Helm-based operator for deploying and managing instances of the Sigstore Policy Controller on OpenShift. It is a self-managed on-premise deployment of the Policy Controller Helm Charts available at https://github.com/sigstore/helm-charts/tree/main/charts/policy-controller Platform Engineers, Software Developers and Security Professionals may use the RHTAS Policy Controller Operator to enforce policies on OCP clusters by using supply-chain metadata.\nFor details on using the RHTAS Policy Controller Operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22058"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache"
},
{
"cve": "CVE-2025-12044",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-23T20:01:21.807999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406098"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise (\u201cVault\u201d) are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for [+HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393]\u00a0 which allowed for processing JSON payloads before applying rate limits. This vulnerability, CVE-2025-12044, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.16.27, 1.19.11, 1.20.5, and 1.21.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "RHBZ#2406098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406098"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6",
"url": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6"
}
],
"release_date": "2025-10-23T19:15:16.567000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T08:59:13+00:00",
"details": "The RHTAS Policy Controller Operator is Helm-based operator for deploying and managing instances of the Sigstore Policy Controller on OpenShift. It is a self-managed on-premise deployment of the Policy Controller Helm Charts available at https://github.com/sigstore/helm-charts/tree/main/charts/policy-controller Platform Engineers, Software Developers and Security Professionals may use the RHTAS Policy Controller Operator to enforce policies on OCP clusters by using supply-chain metadata.\nFor details on using the RHTAS Policy Controller Operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22058"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/policy-controller-rhel9@sha256:7172d6a08594cccd155c2f74110cfbafadb812af84bb6b75c8bec1e3c416bd26_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression"
}
]
}
RHSA-2025:21988
Vulnerability from csaf_redhat - Published: 2025-11-24 17:31 - Updated: 2025-12-16 10:20Summary
Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release
Notes
Topic
The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator.
For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3
Details
The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19, and 4.20.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19, and 4.20.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21988",
"url": "https://access.redhat.com/errata/RHSA-2025:21988"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11621",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12044",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21988.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2025-12-16T10:20:31+00:00",
"generator": {
"date": "2025-12-16T10:20:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:21988",
"initial_release_date": "2025-11-24T17:31:18+00:00",
"revision_history": [
{
"date": "2025-11-24T17:31:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T11:24:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-16T10:20:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.3",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"product": {
"name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"product_id": "registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/client-server-rhel9@sha256%3Acddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.3.1-1763550070"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"product": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"product_id": "registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cosign-rhel9@sha256%3Aa6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.3.1-1763546693"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64",
"product": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64",
"product_id": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitsign-rhel9@sha256%3A882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.3.1-1763545956"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64"
},
"product_reference": "registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64"
},
"product_reference": "registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
},
"product_reference": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11621",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"discovery_date": "2025-10-23T20:01:10.013624+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406096"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "RHBZ#2406096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d",
"url": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d"
}
],
"release_date": "2025-10-23T19:08:54.989000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T17:31:18+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21988"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache"
},
{
"cve": "CVE-2025-12044",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-23T20:01:21.807999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406098"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise (\u201cVault\u201d) are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for [+HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393]\u00a0 which allowed for processing JSON payloads before applying rate limits. This vulnerability, CVE-2025-12044, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.16.27, 1.19.11, 1.20.5, and 1.21.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "RHBZ#2406098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406098"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6",
"url": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6"
}
],
"release_date": "2025-10-23T19:15:16.567000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T17:31:18+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21988"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/client-server-rhel9@sha256:cddda466bc9957f1c3902da3a0cf37ef3ec08f4aeb8c50a421405540120b75cf_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/cosign-rhel9@sha256:a6f3dba2c7ec8cdf7a87a2e8679da66c2248b44c7e15611205f096a6c1629f88_amd64",
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/gitsign-rhel9@sha256:882d508ec7d71fb3e13ee240ee295ee91884700d63029bb58bd456b6d23fd5e0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression"
}
]
}
RHSA-2025:21976
Vulnerability from csaf_redhat - Published: 2025-11-24 16:14 - Updated: 2025-12-16 10:20Summary
Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release
Notes
Topic
The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator.
For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3
Details
The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19, and 4.20
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.3.1 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19, and 4.20",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21976",
"url": "https://access.redhat.com/errata/RHSA-2025:21976"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11621",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12044",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21976.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.3.1 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2025-12-16T10:20:30+00:00",
"generator": {
"date": "2025-12-16T10:20:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:21976",
"initial_release_date": "2025-11-24T16:14:59+00:00",
"revision_history": [
{
"date": "2025-11-24T16:14:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T11:24:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-16T10:20:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.3",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64",
"product": {
"name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64",
"product_id": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fulcio-rhel9@sha256%3Ab19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1.3.1-1763543131"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64 as a component of Red Hat Trusted Artifact Signer 1.3",
"product_id": "Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
},
"product_reference": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11621",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"discovery_date": "2025-10-23T20:01:10.013624+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406096"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise\u2019s (\u201cVault\u201d) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11621"
},
{
"category": "external",
"summary": "RHBZ#2406096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d",
"url": "https://github.com/hashicorp/vault/commit/054c35de0c830fd7cb9991bec8b0e6a0c793e98d"
}
],
"release_date": "2025-10-23T19:08:54.989000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T16:14:59+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21976"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache"
},
{
"cve": "CVE-2025-12044",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-23T20:01:21.807999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406098"
}
],
"notes": [
{
"category": "description",
"text": "Vault and Vault Enterprise (\u201cVault\u201d) are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for [+HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393]\u00a0 which allowed for processing JSON payloads before applying rate limits. This vulnerability, CVE-2025-12044, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.16.27, 1.19.11, 1.20.5, and 1.21.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12044"
},
{
"category": "external",
"summary": "RHBZ#2406098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406098"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12044"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710"
},
{
"category": "external",
"summary": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6",
"url": "https://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6"
}
],
"release_date": "2025-10-23T19:15:16.567000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T16:14:59+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.3/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21976"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.3:registry.redhat.io/rhtas/fulcio-rhel9@sha256:b19900ebbf9cac67196127a60ea2434a8ce2011b17bab15a0e7fc96cf38a63fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression"
}
]
}
OPENSUSE-SU-2025:15710-1
Vulnerability from csaf_opensuse - Published: 2025-11-07 00:00 - Updated: 2025-11-07 00:00Summary
govulncheck-vulndb-0.0.20251105T184115-1.1 on GA media
Notes
Title of the patch
govulncheck-vulndb-0.0.20251105T184115-1.1 on GA media
Description of the patch
These are all security issues fixed in the govulncheck-vulndb-0.0.20251105T184115-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15710
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "govulncheck-vulndb-0.0.20251105T184115-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20251105T184115-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15710",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15710-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11063 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11066 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11067 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11068 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11069 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11070 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11071 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11072 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11073 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11074 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11075 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11076 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11077 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11078 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11079 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11080 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11081 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11082 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11083 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-11084 page",
"url": "https://www.suse.com/security/cve/CVE-2016-11084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18872 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32199 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58269 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10545 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11374 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11579 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-26625 page",
"url": "https://www.suse.com/security/cve/CVE-2025-26625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27093 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-41410 page",
"url": "https://www.suse.com/security/cve/CVE-2025-41410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-41443 page",
"url": "https://www.suse.com/security/cve/CVE-2025-41443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54286 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54286/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54287 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54288 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54289 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54290 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54291 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54293 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54469 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54470 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54471 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58073 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58356 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59043 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59048 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61688 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64101 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64102 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64103/"
}
],
"title": "govulncheck-vulndb-0.0.20251105T184115-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-07T00:00:00Z",
"generator": {
"date": "2025-11-07T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15710-1",
"initial_release_date": "2025-11-07T00:00:00Z",
"revision_history": [
{
"date": "2025-11-07T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"product": {
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"product_id": "govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"product": {
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"product_id": "govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"product": {
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"product_id": "govulncheck-vulndb-0.0.20251105T184115-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64",
"product": {
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64",
"product_id": "govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64"
},
"product_reference": "govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le"
},
"product_reference": "govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x"
},
"product_reference": "govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
},
"product_reference": "govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-11063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11063"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11063",
"url": "https://www.suse.com/security/cve/CVE-2016-11063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11063"
},
{
"cve": "CVE-2016-11066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11066"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11066",
"url": "https://www.suse.com/security/cve/CVE-2016-11066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11066"
},
{
"cve": "CVE-2016-11067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11067"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11067",
"url": "https://www.suse.com/security/cve/CVE-2016-11067"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11067"
},
{
"cve": "CVE-2016-11068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11068"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11068",
"url": "https://www.suse.com/security/cve/CVE-2016-11068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11068"
},
{
"cve": "CVE-2016-11069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11069"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11069",
"url": "https://www.suse.com/security/cve/CVE-2016-11069"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11069"
},
{
"cve": "CVE-2016-11070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11070"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11070",
"url": "https://www.suse.com/security/cve/CVE-2016-11070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-11070"
},
{
"cve": "CVE-2016-11071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11071"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11071",
"url": "https://www.suse.com/security/cve/CVE-2016-11071"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11071"
},
{
"cve": "CVE-2016-11072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11072"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11072",
"url": "https://www.suse.com/security/cve/CVE-2016-11072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11072"
},
{
"cve": "CVE-2016-11073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11073"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11073",
"url": "https://www.suse.com/security/cve/CVE-2016-11073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11073"
},
{
"cve": "CVE-2016-11074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11074"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11074",
"url": "https://www.suse.com/security/cve/CVE-2016-11074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-11074"
},
{
"cve": "CVE-2016-11075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11075"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11075",
"url": "https://www.suse.com/security/cve/CVE-2016-11075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11075"
},
{
"cve": "CVE-2016-11076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11076"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11076",
"url": "https://www.suse.com/security/cve/CVE-2016-11076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11076"
},
{
"cve": "CVE-2016-11077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11077"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11077",
"url": "https://www.suse.com/security/cve/CVE-2016-11077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11077"
},
{
"cve": "CVE-2016-11078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11078"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11078",
"url": "https://www.suse.com/security/cve/CVE-2016-11078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11078"
},
{
"cve": "CVE-2016-11079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11079"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11079",
"url": "https://www.suse.com/security/cve/CVE-2016-11079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11079"
},
{
"cve": "CVE-2016-11080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11080"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11080",
"url": "https://www.suse.com/security/cve/CVE-2016-11080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11080"
},
{
"cve": "CVE-2016-11081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11081"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11081",
"url": "https://www.suse.com/security/cve/CVE-2016-11081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11081"
},
{
"cve": "CVE-2016-11082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11082"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11082",
"url": "https://www.suse.com/security/cve/CVE-2016-11082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11082"
},
{
"cve": "CVE-2016-11083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11083"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11083",
"url": "https://www.suse.com/security/cve/CVE-2016-11083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11083"
},
{
"cve": "CVE-2016-11084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-11084"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-11084",
"url": "https://www.suse.com/security/cve/CVE-2016-11084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-11084"
},
{
"cve": "CVE-2017-18872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18872"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18872",
"url": "https://www.suse.com/security/cve/CVE-2017-18872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-18872"
},
{
"cve": "CVE-2023-32199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32199"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified within Rancher \nManager, where after removing a custom GlobalRole that gives \nadministrative access or the corresponding binding, the user still \nretains access to clusters. This only affects custom Global Roles that have a * on * in * rule for resources or have a * on * rule for non-resource URLs",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32199",
"url": "https://www.suse.com/security/cve/CVE-2023-32199"
},
{
"category": "external",
"summary": "SUSE Bug 1249102 for CVE-2023-32199",
"url": "https://bugzilla.suse.com/1249102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-32199"
},
{
"cve": "CVE-2024-58269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58269"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in Rancher Manager, where sensitive \ninformation, including secret data, cluster import URLs, and \nregistration tokens, is exposed to any entity with access to Rancher \naudit logs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58269",
"url": "https://www.suse.com/security/cve/CVE-2024-58269"
},
{
"category": "external",
"summary": "SUSE Bug 1251532 for CVE-2024-58269",
"url": "https://bugzilla.suse.com/1251532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-58269"
},
{
"cve": "CVE-2025-10545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10545"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.10, 10.11.x \u003c= 10.11.2 fail to properly validate guest user permissions when adding channel members which allows guest users to add any team members to their private channels via the `/api/v4/channels/{channel_id}/members` endpoint",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10545",
"url": "https://www.suse.com/security/cve/CVE-2025-10545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-10545"
},
{
"cve": "CVE-2025-10678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10678"
}
],
"notes": [
{
"category": "general",
"text": "NetBird VPN when installed using vendor\u0027s provided script failed to remove or change default password of an admin account created by ZITADEL.\nThis issue affects instances installed using vendor\u0027s provided script. This issue may affect instances created with Docker if the default password was not changed nor the user was removed.\n\nThis issue has been fixed in version 0.57.0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10678",
"url": "https://www.suse.com/security/cve/CVE-2025-10678"
},
{
"category": "external",
"summary": "SUSE Bug 1252329 for CVE-2025-10678",
"url": "https://bugzilla.suse.com/1252329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-10678"
},
{
"cve": "CVE-2025-10954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10954"
}
],
"notes": [
{
"category": "general",
"text": "Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse() function. An attacker can cause a panic by providing crafted input causing a \"runtime error: slice bounds out of range\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10954",
"url": "https://www.suse.com/security/cve/CVE-2025-10954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-10954"
},
{
"cve": "CVE-2025-11374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11374"
}
],
"notes": [
{
"category": "general",
"text": "Consul and Consul Enterprise\u0027s (\"Consul\") key/value endpoint is vulnerable to denial of service (DoS) due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11374",
"url": "https://www.suse.com/security/cve/CVE-2025-11374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-11374"
},
{
"cve": "CVE-2025-11375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11375"
}
],
"notes": [
{
"category": "general",
"text": "Consul and Consul Enterprise\u0027s (\"Consul\") event endpoint is vulnerable to denial of service (DoS) due to lack of maximum value on the Content Length header. This vulnerability, CVE-2025-11375, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11375",
"url": "https://www.suse.com/security/cve/CVE-2025-11375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-11375"
},
{
"cve": "CVE-2025-11579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11579"
}
],
"notes": [
{
"category": "general",
"text": "github.com/nwaples/rardecode versions \u003c=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11579",
"url": "https://www.suse.com/security/cve/CVE-2025-11579"
},
{
"category": "external",
"summary": "SUSE Bug 1251871 for CVE-2025-11579",
"url": "https://bugzilla.suse.com/1251871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-11579"
},
{
"cve": "CVE-2025-11621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11621"
}
],
"notes": [
{
"category": "general",
"text": "Vault and Vault Enterprise\u0027s (\"Vault\") AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11621",
"url": "https://www.suse.com/security/cve/CVE-2025-11621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-11621"
},
{
"cve": "CVE-2025-12044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12044"
}
],
"notes": [
{
"category": "general",
"text": "Vault and Vault Enterprise (\"Vault\") are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for [+HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393] which allowed for processing JSON payloads before applying rate limits. This vulnerability, CVE-2025-12044, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.16.27, 1.19.11, 1.20.5, and 1.21.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12044",
"url": "https://www.suse.com/security/cve/CVE-2025-12044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-12044"
},
{
"cve": "CVE-2025-26625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-26625"
}
],
"notes": [
{
"category": "general",
"text": "Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository\u0027s working tree with the contents of Git LFS objects, certain Git LFS commands may write to files visible outside the current Git working tree if symbolic or hard links exist which collide with the paths of files tracked by Git LFS. The git lfs checkout and git lfs pull commands do not check for symbolic links before writing to files in the working tree, allowing an attacker to craft a repository containing symbolic or hard links that cause Git LFS to write to arbitrary file system locations accessible to the user running these commands. As well, when the git lfs checkout and git lfs pull commands are run in a bare repository, they could write to files visible outside the repository. The vulnerability is fixed in version 3.7.1. As a workaround, support for symlinks in Git may be disabled by setting the core.symlinks configuration option to false, after which further clones and fetches will not create symbolic links. However, any symbolic or hard links in existing repositories will still provide the opportunity for Git LFS to write to their targets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-26625",
"url": "https://www.suse.com/security/cve/CVE-2025-26625"
},
{
"category": "external",
"summary": "SUSE Bug 1252259 for CVE-2025-26625",
"url": "https://bugzilla.suse.com/1252259"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-26625"
},
{
"cve": "CVE-2025-27093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27093"
}
],
"notes": [
{
"category": "general",
"text": "Sliver is a command and control framework that uses a custom Wireguard netstack. In versions 1.5.43 and earlier, and in development version 1.6.0-dev, the netstack does not limit traffic between Wireguard clients. This allows clients to communicate with each other unrestrictedly, potentially enabling leaked or recovered keypairs to be used to attack operators or allowing port forwardings to be accessible from other implants.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27093",
"url": "https://www.suse.com/security/cve/CVE-2025-27093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-27093"
},
{
"cve": "CVE-2025-41410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-41410"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.10.x \u003c= 10.10.2, 10.5.x \u003c= 10.5.10, 10.11.x \u003c= 10.11.2 fail to validate email ownership during Slack import process which allows attackers to create verified user accounts with arbitrary email domains via malicious Slack import data to bypass email-based team access restrictions",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-41410",
"url": "https://www.suse.com/security/cve/CVE-2025-41410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-41410"
},
{
"cve": "CVE-2025-41443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-41443"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.12, 10.11.x \u003c= 10.11.2 fail to properly validate guest user permissions when accessing channel information which allows guest users to discover active public channels and their metadata via the `/api/v4/teams/{team_id}/channels/ids` endpoint",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-41443",
"url": "https://www.suse.com/security/cve/CVE-2025-41443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-41443"
},
{
"cve": "CVE-2025-54286",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54286"
}
],
"notes": [
{
"category": "general",
"text": "Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions \u003e= 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54286",
"url": "https://www.suse.com/security/cve/CVE-2025-54286"
},
{
"category": "external",
"summary": "SUSE Bug 1250945 for CVE-2025-54286",
"url": "https://bugzilla.suse.com/1250945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-54286"
},
{
"cve": "CVE-2025-54287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54287"
}
],
"notes": [
{
"category": "general",
"text": "Template Injection in instance snapshot creation component in Canonical LXD (\u003e= 4.0) allows an attacker with instance configuration \npermissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54287",
"url": "https://www.suse.com/security/cve/CVE-2025-54287"
},
{
"category": "external",
"summary": "SUSE Bug 1250943 for CVE-2025-54287",
"url": "https://bugzilla.suse.com/1250943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54287"
},
{
"cve": "CVE-2025-54288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54288"
}
],
"notes": [
{
"category": "general",
"text": "Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the command line.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54288",
"url": "https://www.suse.com/security/cve/CVE-2025-54288"
},
{
"category": "external",
"summary": "SUSE Bug 1250939 for CVE-2025-54288",
"url": "https://bugzilla.suse.com/1250939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54288"
},
{
"cve": "CVE-2025-54289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54289"
}
],
"notes": [
{
"category": "general",
"text": "Privilege Escalation in operations API in Canonical LXD \u003c6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54289",
"url": "https://www.suse.com/security/cve/CVE-2025-54289"
},
{
"category": "external",
"summary": "SUSE Bug 1250933 for CVE-2025-54289",
"url": "https://bugzilla.suse.com/1250933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-54289"
},
{
"cve": "CVE-2025-54290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54290"
}
],
"notes": [
{
"category": "general",
"text": "Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54290",
"url": "https://www.suse.com/security/cve/CVE-2025-54290"
},
{
"category": "external",
"summary": "SUSE Bug 1250934 for CVE-2025-54290",
"url": "https://bugzilla.suse.com/1250934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54290"
},
{
"cve": "CVE-2025-54291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54291"
}
],
"notes": [
{
"category": "general",
"text": "Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54291",
"url": "https://www.suse.com/security/cve/CVE-2025-54291"
},
{
"category": "external",
"summary": "SUSE Bug 1250935 for CVE-2025-54291",
"url": "https://bugzilla.suse.com/1250935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54291"
},
{
"cve": "CVE-2025-54293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54293"
}
],
"notes": [
{
"category": "general",
"text": "Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54293",
"url": "https://www.suse.com/security/cve/CVE-2025-54293"
},
{
"category": "external",
"summary": "SUSE Bug 1250936 for CVE-2025-54293",
"url": "https://bugzilla.suse.com/1250936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54293"
},
{
"cve": "CVE-2025-54469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54469"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values.\n\n\nThe entry process of the enforcer container is the monitor\n process. When the enforcer container stops, the monitor process checks \nwhether the consul subprocess has exited. To perform this check, the \nmonitor process uses the popen function to execute a shell command that determines whether the ports used by the consul subprocess are still active.\n\n\nThe values of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT\n are used directly to compose shell commands via popen without \nvalidation or sanitization. This behavior could allow a malicious user \nto inject malicious commands through these variables within the enforcer\n container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54469",
"url": "https://www.suse.com/security/cve/CVE-2025-54469"
},
{
"category": "external",
"summary": "SUSE Bug 1249340 for CVE-2025-54469",
"url": "https://bugzilla.suse.com/1249340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-54469"
},
{
"cve": "CVE-2025-54470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54470"
}
],
"notes": [
{
"category": "general",
"text": "This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.\n\n\nIn affected versions, NeuVector does not enforce TLS \ncertificate verification when transmitting anonymous cluster data to the\n telemetry server. As a result, the communication channel is susceptible\n to man-in-the-middle (MITM) attacks, where an attacker could intercept \nor modify the transmitted data. Additionally, NeuVector loads the \nresponse of the telemetry server is loaded into memory without size \nlimitation, which makes it vulnerable to a Denial of Service(DoS) \nattack",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54470",
"url": "https://www.suse.com/security/cve/CVE-2025-54470"
},
{
"category": "external",
"summary": "SUSE Bug 1249341 for CVE-2025-54470",
"url": "https://bugzilla.suse.com/1249341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-54470"
},
{
"cve": "CVE-2025-54471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54471"
}
],
"notes": [
{
"category": "general",
"text": "NeuVector used a hard-coded cryptographic key embedded in the source \ncode. At compilation time, the key value was replaced with the secret \nkey value and used to encrypt sensitive configurations when NeuVector \nstores the data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54471",
"url": "https://www.suse.com/security/cve/CVE-2025-54471"
},
{
"category": "external",
"summary": "SUSE Bug 1249376 for CVE-2025-54471",
"url": "https://bugzilla.suse.com/1249376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54471"
},
{
"cve": "CVE-2025-54499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54499"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.10, 10.11.x \u003c= 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54499",
"url": "https://www.suse.com/security/cve/CVE-2025-54499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-54499"
},
{
"cve": "CVE-2025-58073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58073"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.11.x \u003c= 10.11.1, 10.10.x \u003c= 10.10.2, 10.5.x \u003c= 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58073",
"url": "https://www.suse.com/security/cve/CVE-2025-58073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-58073"
},
{
"cve": "CVE-2025-58075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58075"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.11.x \u003c= 10.11.1, 10.10.x \u003c= 10.10.2, 10.5.x \u003c= 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the RelayState",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58075",
"url": "https://www.suse.com/security/cve/CVE-2025-58075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-58075"
},
{
"cve": "CVE-2025-58356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58356"
}
],
"notes": [
{
"category": "general",
"text": "Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passhrase. If the VM is successful in opening the partition with the disk encryption key, it treats the volume as confidential. However, due to the unsafe handling of null keyslot algorithms in the cryptsetup 2.8.1, it is possible that the opened volume is not encrypted at all. Cryptsetup prior to version 2.8.1 does not report an error when processing LUKS2-formatted disks that use the cipher_null-ecb algorithm in the keyslot encryption field. This vulnerability is fixed in 2.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58356",
"url": "https://www.suse.com/security/cve/CVE-2025-58356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-58356"
},
{
"cve": "CVE-2025-59043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59043"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao is an open source identity-based secrets management system. In OpenBao versions prior to 2.4.1, JSON objects after decoding may use significantly more memory than their serialized version. It is possible to craft a JSON payload to maximize the factor between serialized memory usage and deserialized memory usage, similar to a zip bomb, with factors reaching approximately 35. This can be used to circumvent the max_request_size configuration parameter which is intended to protect against denial of service attacks. The request body is parsed into a map very early in the request handling chain before authentication, which means an unauthenticated attacker can send a specifically crafted JSON object and cause an out-of-memory crash. Additionally, for requests with large numbers of strings, the audit subsystem can consume large quantities of CPU. The vulnerability is fixed in version 2.4.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59043",
"url": "https://www.suse.com/security/cve/CVE-2025-59043"
},
{
"category": "external",
"summary": "SUSE Bug 1252280 for CVE-2025-59043",
"url": "https://bugzilla.suse.com/1252280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59043"
},
{
"cve": "CVE-2025-59048",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59048"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao\u0027s AWS Plugin generates AWS access credentials based on IAM policies. Prior to version 0.1.1, the AWS Plugin is vulnerable to cross-account IAM role Impersonation in the AWS auth method. The vulnerability allows an IAM role from an untrusted AWS account to authenticate by impersonating a role with the same name in a trusted account, leading to unauthorized access. This impacts all users of the auth-aws plugin who operate in a multi-account AWS environment where IAM role names may not be unique across accounts. This vulnerability has been patched in version 0.1.1 of the auth-aws plugin. A workaround for this issue involves guaranteeing that IAM role names are unique across all AWS accounts that could potentially interact with your OpenBao environment, and to audit for any duplicate IAM roles.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59048",
"url": "https://www.suse.com/security/cve/CVE-2025-59048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59048"
},
{
"cve": "CVE-2025-59530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59530"
}
],
"notes": [
{
"category": "general",
"text": "quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service (DoS) attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during the handshake phase. This was observed in the wild with certain server implementations. quic-go needs to be able to handle misbehaving server implementations, including those that prematurely send a HANDSHAKE_DONE frame. Versions 0.49.0, 0.54.1, and 0.55.0 discard Initial keys when receiving a HANDSHAKE_DONE frame, thereby correctly handling premature HANDSHAKE_DONE frames.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59530",
"url": "https://www.suse.com/security/cve/CVE-2025-59530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59530"
},
{
"cve": "CVE-2025-59836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59836"
}
],
"notes": [
{
"category": "general",
"text": "Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource requests through the API endpoints. The vulnerability exists in the isSensitiveSpec function which calls grpcomni.CreateResource without checking if the resource\u0027s metadata field is nil. When a resource is created with an empty Metadata field, the CreateResource function attempts to access resource.Metadata.Version causing a segmentation fault. This vulnerability is fixed in 1.1.5 and 1.0.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59836",
"url": "https://www.suse.com/security/cve/CVE-2025-59836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-59836"
},
{
"cve": "CVE-2025-59937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59937"
}
],
"notes": [
{
"category": "general",
"text": "go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong address routing or even ESMTP parameter smuggling. For successful exploitation, it is required that the user\u0027s code allows for arbitrary mail address input (i. e. through a web form or similar). If only static mail addresses are used (i. e. in a config file) and the mail addresses in use do not consist of quoted local parts, this should not affect users. This issue is fixed in version 0.7.1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59937",
"url": "https://www.suse.com/security/cve/CVE-2025-59937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-59937"
},
{
"cve": "CVE-2025-61141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61141"
}
],
"notes": [
{
"category": "general",
"text": "sqls-server/sqls 0.2.28 is vulnerable to command injection in the config command because the openEditor function passes the EDITOR environment variable and config file path to sh -c without sanitization, allowing attackers to execute arbitrary commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61141",
"url": "https://www.suse.com/security/cve/CVE-2025-61141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61141"
},
{
"cve": "CVE-2025-61524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61524"
}
],
"notes": [
{
"category": "general",
"text": "An issue in the permission verification module and organization/application editing interface in Casdoor v2.26.0 and before, and fixed in v.2.63.0, allows remote authenticated administrators of any organization within the system to bypass the system\u0027s permission verification mechanism by directly concatenating URLs after login",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61524",
"url": "https://www.suse.com/security/cve/CVE-2025-61524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61524"
},
{
"cve": "CVE-2025-61581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61581"
}
],
"notes": [
{
"category": "general",
"text": "** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control.\n\nThis issue affects Apache Traffic Control: all versions.\n\nPeople with access to the management interface of the Traffic Router component could specify malicious patterns and cause unavailability.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61581",
"url": "https://www.suse.com/security/cve/CVE-2025-61581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61581"
},
{
"cve": "CVE-2025-61688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61688"
}
],
"notes": [
{
"category": "general",
"text": "Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61688",
"url": "https://www.suse.com/security/cve/CVE-2025-61688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61688"
},
{
"cve": "CVE-2025-62156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62156"
}
],
"notes": [
{
"category": "general",
"text": "Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the unpack/untar logic (workflow/executor/executor.go) uses filepath.Join(dest, filepath.Clean(header.Name)) without validating that header.Name stays within the intended extraction directory. A malicious archive entry can supply a traversal or absolute path that, after cleaning, overrides the destination directory and causes files to be written outside the /work/tmp extraction path and into system directories such as /etc inside the container. The vulnerability enables arbitrary file creation or overwrite in system configuration locations (for example /etc/passwd, /etc/hosts, /etc/crontab), which can lead to privilege escalation or persistence within the affected container. Update to 3.6.12 or 3.7.3 to remediate the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62156",
"url": "https://www.suse.com/security/cve/CVE-2025-62156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-62156"
},
{
"cve": "CVE-2025-62157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62157"
}
],
"notes": [
{
"category": "general",
"text": "Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissions to read pod logs in a namespace running Argo Workflows can read the workflow-controller logs and obtain credentials to the artifact repository. Update to versions 3.6.12 or 3.7.3 to remediate the vulnerability. No known workarounds exist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62157",
"url": "https://www.suse.com/security/cve/CVE-2025-62157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-62157"
},
{
"cve": "CVE-2025-62375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62375"
}
],
"notes": [
{
"category": "general",
"text": "go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succeed when a signature is not present or is empty, and when RSA signature verification fails. The attestor also embeds a single legacy global AWS public certificate and does not account for newer region specific certificates issued in 2024, making detection of forged documents difficult without additional trusted region data. An attacker able to supply or intercept instance identity document data (such as through Instance Metadata Service impersonation) can cause a forged identity document to be accepted, leading to incorrect trust decisions based on the attestation. This is fixed in go-witness 0.9.1 and witness 0.10.1. As a workaround, manually verify the included identity document, signature, and public key with standard tools (for example openssl) following AWS\u0027s verification guidance, or disable use of the AWS attestor until upgraded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62375",
"url": "https://www.suse.com/security/cve/CVE-2025-62375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-62375"
},
{
"cve": "CVE-2025-62506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62506"
}
],
"notes": [
{
"category": "general",
"text": "MinIO is a high-performance object storage system. In all versions prior to RELEASE.2025-10-15T17-29-55Z, a privilege escalation vulnerability allows service accounts and STS (Security Token Service) accounts with restricted session policies to bypass their inline policy restrictions when performing operations on their own account, specifically when creating new service accounts for the same user. The vulnerability exists in the IAM policy validation logic where the code incorrectly relied on the DenyOnly argument when validating session policies for restricted accounts. When a session policy is present, the system should validate that the action is allowed by the session policy, not just that it is not denied. An attacker with valid credentials for a restricted service or STS account can create a new service account for itself without policy restrictions, resulting in a new service account with full parent privileges instead of being restricted by the inline policy. This allows the attacker to access buckets and objects beyond their intended restrictions and modify, delete, or create objects outside their authorized scope. The vulnerability is fixed in version RELEASE.2025-10-15T17-29-55Z.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62506",
"url": "https://www.suse.com/security/cve/CVE-2025-62506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-62506"
},
{
"cve": "CVE-2025-62513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62513"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao is an open source identity-based secrets management system. In versions 2.2.0 to 2.4.1, OpenBao\u0027s audit log experienced a regression wherein raw HTTP bodies used by few endpoints were not correctly redacted (HMAC\u0027d). This impacts those using the ACME functionality of PKI, resulting in short-lived ACME verification challenge codes being leaked in the audit logs. Additionally, this impacts those using the OIDC issuer functionality of the identity subsystem, auth and token response codes along with claims could be leaked in the audit logs. ACME verification codes are not usable after verification or challenge expiry so are of limited long-term use. This issue has been patched in OpenBao 2.4.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62513",
"url": "https://www.suse.com/security/cve/CVE-2025-62513"
},
{
"category": "external",
"summary": "SUSE Bug 1252506 for CVE-2025-62513",
"url": "https://bugzilla.suse.com/1252506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-62513"
},
{
"cve": "CVE-2025-62705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62705"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao is an open source identity-based secrets management system. Prior to version 2.4.2, OpenBao\u0027s audit log did not appropriately redact fields when relevant subsystems sent []byte response parameters rather than strings. This includes, but is not limited to sys/raw with use of encoding=base64, all data would be emitted unredacted to the audit log, and Transit, when performing a signing operation with a derived Ed25519 key, would emit public keys to the audit log. This issue has been patched in OpenBao 2.4.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62705",
"url": "https://www.suse.com/security/cve/CVE-2025-62705"
},
{
"category": "external",
"summary": "SUSE Bug 1252505 for CVE-2025-62705",
"url": "https://bugzilla.suse.com/1252505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-62705"
},
{
"cve": "CVE-2025-62714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62714"
}
],
"notes": [
{
"category": "general",
"text": "Karmada Dashboard is a general-purpose, web-based control panel for Karmada which is a multi-cluster management project. Prior to version 0.2.0, there is an authentication bypass vulnerability in the Karmada Dashboard API. The backend API endpoints (e.g., /api/v1/secret, /api/v1/service) did not enforce authentication, allowing unauthenticated users to access sensitive cluster information such as Secrets and Services directly. Although the web UI required a valid JWT for access, the API itself remained exposed to direct requests without any authentication checks. Any user or entity with network access to the Karmada Dashboard service could exploit this vulnerability to retrieve sensitive data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62714",
"url": "https://www.suse.com/security/cve/CVE-2025-62714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-62714"
},
{
"cve": "CVE-2025-62725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62725"
}
],
"notes": [
{
"category": "general",
"text": "Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker-supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cache directory and writes the file there. This affects any platform or workflow that resolves remote OCI compose artifacts, Docker Desktop, standalone Compose binaries on Linux, CI/CD runners, cloud dev environments is affected. An attacker can escape the cache directory and overwrite arbitrary files on the machine running docker compose, even if the user only runs read-only commands such as docker compose config or docker compose ps. This issue is fixed in v2.40.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62725",
"url": "https://www.suse.com/security/cve/CVE-2025-62725"
},
{
"category": "external",
"summary": "SUSE Bug 1252752 for CVE-2025-62725",
"url": "https://bugzilla.suse.com/1252752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-62725"
},
{
"cve": "CVE-2025-62820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62820"
}
],
"notes": [
{
"category": "general",
"text": "Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62820",
"url": "https://www.suse.com/security/cve/CVE-2025-62820"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-62820"
},
{
"cve": "CVE-2025-64101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64101"
}
],
"notes": [
{
"category": "general",
"text": "Zitadel is open-source identity infrastructure software. Prior to 4.6.0, 3.4.3, and 2.71.18, a potential vulnerability exists in ZITADEL\u0027s password reset mechanism. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming requests to construct the URL for the password reset confirmation link. This link, containing a secret code, is then emailed to the user. If an attacker can manipulate these headers (e.g., via host header injection), they could cause ZITADEL to generate a password reset link pointing to a malicious domain controlled by the attacker. If the user clicks this manipulated link in the email, the secret reset code embedded in the URL can be captured by the attacker. This captured code could then be used to reset the user\u0027s password and gain unauthorized access to their account. It\u0027s important to note that this specific attack vector is mitigated for accounts that have Multi-Factor Authentication (MFA) or Passwordless authentication enabled. This vulnerability is fixed in 4.6.0, 3.4.3, and 2.71.18.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64101",
"url": "https://www.suse.com/security/cve/CVE-2025-64101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-64101"
},
{
"cve": "CVE-2025-64102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64102"
}
],
"notes": [
{
"category": "general",
"text": "Zitadel is open-source identity infrastructure software. Prior to 4.6.0, 3.4.3, and 2.71.18, an attacker can perform an online brute-force attack on OTP, TOTP, and passwords. While Zitadel allows preventing online brute force attacks in scenarios like TOTP, Email OTP, or passwords using a lockout mechanism. The mechanism is not enabled by default and can cause a denial of service for the corresponding user if enabled. Additionally, the mitigation strategies were not fully implemented in the more recent resource-based APIs. This vulnerability is fixed in 4.6.0, 3.4.3, and 2.71.18.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64102",
"url": "https://www.suse.com/security/cve/CVE-2025-64102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-64102"
},
{
"cve": "CVE-2025-64103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64103"
}
],
"notes": [
{
"category": "general",
"text": "Starting from 2.53.6, 2.54.3, and 2.55.0, Zitadel only required multi factor authentication in case the login policy has either enabled requireMFA or requireMFAForLocalUsers. If a user has set up MFA without this requirement, Zitadel would consider single factor auhtenticated sessions as valid as well and not require multiple factors. Bypassing second authentication factors weakens multifactor authentication and enables attackers to bypass the more secure factor. An attacker can target the TOTP code alone, only six digits, bypassing password verification entirely and potentially compromising accounts with 2FA enabled. This vulnerability is fixed in 4.6.0, 3.4.3, and 2.71.18.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64103",
"url": "https://www.suse.com/security/cve/CVE-2025-64103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-64103"
}
]
}
WID-SEC-W-2025-2396
Vulnerability from csaf_certbund - Published: 2025-10-23 22:00 - Updated: 2025-11-24 23:00Summary
Hashicorp Vault: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Vault ist ein identitätsbasiertes System zur Verwaltung von Geheimnissen und Verschlüsselung.
Angriff
Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Hashicorp Vault ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Vault ist ein identit\u00e4tsbasiertes System zur Verwaltung von Geheimnissen und Verschl\u00fcsselung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Hashicorp Vault ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2396 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2396.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2396 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2396"
},
{
"category": "external",
"summary": "Hashicorp Security Advisory vom 2025-10-23",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
},
{
"category": "external",
"summary": "Hashicorp Security Advisory vom 2025-10-23",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21984 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21984"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21981 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21981"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21976 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21976"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21988 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21988"
}
],
"source_lang": "en-US",
"title": "Hashicorp Vault: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-24T23:00:00.000+00:00",
"generator": {
"date": "2025-11-25T08:37:13.360+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2396",
"initial_release_date": "2025-10-23T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "2",
"summary": "CVSSv3.1 korrigiert"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Community Edition \u003c1.21.0",
"product": {
"name": "Hashicorp Vault Community Edition \u003c1.21.0",
"product_id": "T048100"
}
},
{
"category": "product_version",
"name": "Community Edition 1.21.0",
"product": {
"name": "Hashicorp Vault Community Edition 1.21.0",
"product_id": "T048100-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hashicorp:vault:community_edition__1.21.0"
}
}
},
{
"category": "product_version_range",
"name": "Enterprise \u003c1.21.0",
"product": {
"name": "Hashicorp Vault Enterprise \u003c1.21.0",
"product_id": "T048101"
}
},
{
"category": "product_version",
"name": "Enterprise 1.21.0",
"product": {
"name": "Hashicorp Vault Enterprise 1.21.0",
"product_id": "T048101-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hashicorp:vault:enterprise__1.21.0"
}
}
},
{
"category": "product_version_range",
"name": "Enterprise \u003c1.19.11",
"product": {
"name": "Hashicorp Vault Enterprise \u003c1.19.11",
"product_id": "T048102"
}
},
{
"category": "product_version",
"name": "Enterprise 1.19.11",
"product": {
"name": "Hashicorp Vault Enterprise 1.19.11",
"product_id": "T048102-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hashicorp:vault:enterprise__1.19.11"
}
}
},
{
"category": "product_version_range",
"name": "Enterprise \u003c1.16.27",
"product": {
"name": "Hashicorp Vault Enterprise \u003c1.16.27",
"product_id": "T048103"
}
},
{
"category": "product_version",
"name": "Enterprise 1.16.27",
"product": {
"name": "Hashicorp Vault Enterprise 1.16.27",
"product_id": "T048103-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hashicorp:vault:enterprise__1.16.27"
}
}
},
{
"category": "product_version_range",
"name": "Enterprise \u003c1.20.5",
"product": {
"name": "Hashicorp Vault Enterprise \u003c1.20.5",
"product_id": "T048106"
}
},
{
"category": "product_version",
"name": "Enterprise 1.20.5",
"product": {
"name": "Hashicorp Vault Enterprise 1.20.5",
"product_id": "T048106-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hashicorp:vault:enterprise__1.20.5"
}
}
}
],
"category": "product_name",
"name": "Vault"
}
],
"category": "vendor",
"name": "Hashicorp"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11621",
"product_status": {
"known_affected": [
"67646",
"T048102",
"T048101",
"T048100",
"T048106",
"T048103"
]
},
"release_date": "2025-10-23T22:00:00.000+00:00",
"title": "CVE-2025-11621"
},
{
"cve": "CVE-2025-12044",
"product_status": {
"known_affected": [
"67646",
"T048102",
"T048101",
"T048100",
"T048106",
"T048103"
]
},
"release_date": "2025-10-23T22:00:00.000+00:00",
"title": "CVE-2025-12044"
}
]
}
GHSA-9G4H-H484-3578
Vulnerability from github – Published: 2025-10-23 21:31 – Updated: 2025-10-23 22:24
VLAI?
Summary
HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass
Details
Vault and Vault Enterprise's ("Vault") AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27.
Severity ?
8.1 (High)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/hashicorp/vault"
},
"ranges": [
{
"events": [
{
"introduced": "0.6.0"
},
{
"fixed": "1.21.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-11621"
],
"database_specific": {
"cwe_ids": [
"CWE-288"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-23T22:21:01Z",
"nvd_published_at": "2025-10-23T19:15:48Z",
"severity": "HIGH"
},
"details": "Vault and Vault Enterprise\u0027s (\"Vault\") AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5, 1.19.11, and 1.16.27.",
"id": "GHSA-9g4h-h484-3578",
"modified": "2025-10-23T22:24:03Z",
"published": "2025-10-23T21:31:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11621"
},
{
"type": "WEB",
"url": "https://github.com/hashicorp/vault/commit/8d07273d14ae7f5a48cc96f66cc86615dea83390"
},
{
"type": "WEB",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-30-vault-aws-auth-method-authentication-bypass-through-mishandling-of-cache-entries/76709"
},
{
"type": "PACKAGE",
"url": "https://github.com/hashicorp/vault"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "HashiCorp Vault and Vault Enterprise\u0027s AWS Auth method may be susceptible to authentication bypass"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…