Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-22872 (GCVE-0-2025-22872)
Vulnerability from cvelistv5 – Published: 2025-04-16 17:13 – Updated: 2025-05-16 23:03
VLAI?
EPSS
Summary
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. <math>, <svg>, etc contexts).
Severity ?
6.5 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.38.0
(semver)
|
Credits
Sean Ng (https://ensy.zip)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-22872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T20:14:29.607584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T20:15:13.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-05-16T23:03:07.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250516-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "Tokenizer.readStartTag"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
},
{
"name": "Tokenizer.Next"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.38.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sean Ng (https://ensy.zip)"
}
],
"descriptions": [
{
"lang": "en",
"value": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:13:02.550Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/662715"
},
{
"url": "https://go.dev/issue/73070"
},
{
"url": "https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3595"
}
],
"title": "Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-22872",
"datePublished": "2025-04-16T17:13:02.550Z",
"dateReserved": "2025-01-08T19:11:42.834Z",
"dateUpdated": "2025-05-16T23:03:07.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-22872\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-04-16T18:16:04.183\",\"lastModified\":\"2025-05-16T23:15:19.707\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).\"},{\"lang\":\"es\",\"value\":\"El tokenizador interpreta incorrectamente las etiquetas con valores de atributo sin comillas que terminan en barra (/) como autocerradas. Al usar el tokenizador directamente, esto puede provocar que dichas etiquetas se marquen incorrectamente como autocerradas, y al usar las funciones de an\u00e1lisis, esto puede provocar que el contenido posterior a dichas etiquetas se coloque en el \u00e1mbito incorrecto durante la construcci\u00f3n del DOM, pero solo cuando las etiquetas se encuentran en contenido externo (por ejemplo, contextos , , etc.).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.7}]},\"references\":[{\"url\":\"https://go.dev/cl/662715\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/73070\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-3595\",\"source\":\"security@golang.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20250516-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20250516-0007/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-05-16T23:03:07.693Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-22872\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T20:14:29.607584Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T20:14:58.303Z\"}}], \"cna\": {\"title\": \"Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net\", \"credits\": [{\"lang\": \"en\", \"value\": \"Sean Ng (https://ensy.zip)\"}], \"affected\": [{\"vendor\": \"golang.org/x/net\", \"product\": \"golang.org/x/net/html\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.38.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/net/html\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Tokenizer.readStartTag\"}, {\"name\": \"Parse\"}, {\"name\": \"ParseFragment\"}, {\"name\": \"ParseFragmentWithOptions\"}, {\"name\": \"ParseWithOptions\"}, {\"name\": \"Tokenizer.Next\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/662715\"}, {\"url\": \"https://go.dev/issue/73070\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-3595\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-79\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-04-16T17:13:02.550Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-22872\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-16T23:03:07.693Z\", \"dateReserved\": \"2025-01-08T19:11:42.834Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-04-16T17:13:02.550Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
OPENSUSE-SU-2025:15235-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
kubernetes1.31-apiserver-1.31.10-1.1 on GA media
Notes
Title of the patch
kubernetes1.31-apiserver-1.31.10-1.1 on GA media
Description of the patch
These are all security issues fixed in the kubernetes1.31-apiserver-1.31.10-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15235
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubernetes1.31-apiserver-1.31.10-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubernetes1.31-apiserver-1.31.10-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15235",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15235-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "kubernetes1.31-apiserver-1.31.10-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15235-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-client-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-client-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-client-common-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-proxy-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-client-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-apiserver-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-client-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-client-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-client-common-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-kubelet-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-proxy-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-scheduler-1.31.10-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-client-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-client-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-client-common-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-proxy-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-client-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-client-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-client-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-client-common-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-proxy-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15046-1
Vulnerability from csaf_opensuse - Published: 2025-05-02 00:00 - Updated: 2025-05-02 00:00Summary
docker-28.1.1_ce-16.1 on GA media
Notes
Title of the patch
docker-28.1.1_ce-16.1 on GA media
Description of the patch
These are all security issues fixed in the docker-28.1.1_ce-16.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15046
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "docker-28.1.1_ce-16.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the docker-28.1.1_ce-16.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15046",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15046-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "docker-28.1.1_ce-16.1 on GA media",
"tracking": {
"current_release_date": "2025-05-02T00:00:00Z",
"generator": {
"date": "2025-05-02T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15046-1",
"initial_release_date": "2025-05-02T00:00:00Z",
"revision_history": [
{
"date": "2025-05-02T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.1.1_ce-16.1.aarch64",
"product": {
"name": "docker-28.1.1_ce-16.1.aarch64",
"product_id": "docker-28.1.1_ce-16.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-bash-completion-28.1.1_ce-16.1.aarch64",
"product": {
"name": "docker-bash-completion-28.1.1_ce-16.1.aarch64",
"product_id": "docker-bash-completion-28.1.1_ce-16.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.23.0-16.1.aarch64",
"product": {
"name": "docker-buildx-0.23.0-16.1.aarch64",
"product_id": "docker-buildx-0.23.0-16.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.1.1_ce-16.1.aarch64",
"product": {
"name": "docker-fish-completion-28.1.1_ce-16.1.aarch64",
"product_id": "docker-fish-completion-28.1.1_ce-16.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.1.1_ce-16.1.aarch64",
"product": {
"name": "docker-rootless-extras-28.1.1_ce-16.1.aarch64",
"product_id": "docker-rootless-extras-28.1.1_ce-16.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.1.1_ce-16.1.aarch64",
"product": {
"name": "docker-zsh-completion-28.1.1_ce-16.1.aarch64",
"product_id": "docker-zsh-completion-28.1.1_ce-16.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.1.1_ce-16.1.ppc64le",
"product": {
"name": "docker-28.1.1_ce-16.1.ppc64le",
"product_id": "docker-28.1.1_ce-16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-bash-completion-28.1.1_ce-16.1.ppc64le",
"product": {
"name": "docker-bash-completion-28.1.1_ce-16.1.ppc64le",
"product_id": "docker-bash-completion-28.1.1_ce-16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.23.0-16.1.ppc64le",
"product": {
"name": "docker-buildx-0.23.0-16.1.ppc64le",
"product_id": "docker-buildx-0.23.0-16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.1.1_ce-16.1.ppc64le",
"product": {
"name": "docker-fish-completion-28.1.1_ce-16.1.ppc64le",
"product_id": "docker-fish-completion-28.1.1_ce-16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.1.1_ce-16.1.ppc64le",
"product": {
"name": "docker-rootless-extras-28.1.1_ce-16.1.ppc64le",
"product_id": "docker-rootless-extras-28.1.1_ce-16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.1.1_ce-16.1.ppc64le",
"product": {
"name": "docker-zsh-completion-28.1.1_ce-16.1.ppc64le",
"product_id": "docker-zsh-completion-28.1.1_ce-16.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.1.1_ce-16.1.s390x",
"product": {
"name": "docker-28.1.1_ce-16.1.s390x",
"product_id": "docker-28.1.1_ce-16.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-bash-completion-28.1.1_ce-16.1.s390x",
"product": {
"name": "docker-bash-completion-28.1.1_ce-16.1.s390x",
"product_id": "docker-bash-completion-28.1.1_ce-16.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.23.0-16.1.s390x",
"product": {
"name": "docker-buildx-0.23.0-16.1.s390x",
"product_id": "docker-buildx-0.23.0-16.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.1.1_ce-16.1.s390x",
"product": {
"name": "docker-fish-completion-28.1.1_ce-16.1.s390x",
"product_id": "docker-fish-completion-28.1.1_ce-16.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.1.1_ce-16.1.s390x",
"product": {
"name": "docker-rootless-extras-28.1.1_ce-16.1.s390x",
"product_id": "docker-rootless-extras-28.1.1_ce-16.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.1.1_ce-16.1.s390x",
"product": {
"name": "docker-zsh-completion-28.1.1_ce-16.1.s390x",
"product_id": "docker-zsh-completion-28.1.1_ce-16.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.1.1_ce-16.1.x86_64",
"product": {
"name": "docker-28.1.1_ce-16.1.x86_64",
"product_id": "docker-28.1.1_ce-16.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-bash-completion-28.1.1_ce-16.1.x86_64",
"product": {
"name": "docker-bash-completion-28.1.1_ce-16.1.x86_64",
"product_id": "docker-bash-completion-28.1.1_ce-16.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.23.0-16.1.x86_64",
"product": {
"name": "docker-buildx-0.23.0-16.1.x86_64",
"product_id": "docker-buildx-0.23.0-16.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.1.1_ce-16.1.x86_64",
"product": {
"name": "docker-fish-completion-28.1.1_ce-16.1.x86_64",
"product_id": "docker-fish-completion-28.1.1_ce-16.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.1.1_ce-16.1.x86_64",
"product": {
"name": "docker-rootless-extras-28.1.1_ce-16.1.x86_64",
"product_id": "docker-rootless-extras-28.1.1_ce-16.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.1.1_ce-16.1.x86_64",
"product": {
"name": "docker-zsh-completion-28.1.1_ce-16.1.x86_64",
"product_id": "docker-zsh-completion-28.1.1_ce-16.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.1.1_ce-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-28.1.1_ce-16.1.aarch64"
},
"product_reference": "docker-28.1.1_ce-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.1.1_ce-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-28.1.1_ce-16.1.ppc64le"
},
"product_reference": "docker-28.1.1_ce-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.1.1_ce-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-28.1.1_ce-16.1.s390x"
},
"product_reference": "docker-28.1.1_ce-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.1.1_ce-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-28.1.1_ce-16.1.x86_64"
},
"product_reference": "docker-28.1.1_ce-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.1.1_ce-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.aarch64"
},
"product_reference": "docker-bash-completion-28.1.1_ce-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.1.1_ce-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.ppc64le"
},
"product_reference": "docker-bash-completion-28.1.1_ce-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.1.1_ce-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.s390x"
},
"product_reference": "docker-bash-completion-28.1.1_ce-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.1.1_ce-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.x86_64"
},
"product_reference": "docker-bash-completion-28.1.1_ce-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.23.0-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.aarch64"
},
"product_reference": "docker-buildx-0.23.0-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.23.0-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.ppc64le"
},
"product_reference": "docker-buildx-0.23.0-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.23.0-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.s390x"
},
"product_reference": "docker-buildx-0.23.0-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.23.0-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.x86_64"
},
"product_reference": "docker-buildx-0.23.0-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.1.1_ce-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.aarch64"
},
"product_reference": "docker-fish-completion-28.1.1_ce-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.1.1_ce-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.ppc64le"
},
"product_reference": "docker-fish-completion-28.1.1_ce-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.1.1_ce-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.s390x"
},
"product_reference": "docker-fish-completion-28.1.1_ce-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.1.1_ce-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.x86_64"
},
"product_reference": "docker-fish-completion-28.1.1_ce-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.1.1_ce-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.aarch64"
},
"product_reference": "docker-rootless-extras-28.1.1_ce-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.1.1_ce-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.ppc64le"
},
"product_reference": "docker-rootless-extras-28.1.1_ce-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.1.1_ce-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.s390x"
},
"product_reference": "docker-rootless-extras-28.1.1_ce-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.1.1_ce-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.x86_64"
},
"product_reference": "docker-rootless-extras-28.1.1_ce-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.1.1_ce-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.aarch64"
},
"product_reference": "docker-zsh-completion-28.1.1_ce-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.1.1_ce-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.ppc64le"
},
"product_reference": "docker-zsh-completion-28.1.1_ce-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.1.1_ce-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.s390x"
},
"product_reference": "docker-zsh-completion-28.1.1_ce-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.1.1_ce-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.x86_64"
},
"product_reference": "docker-zsh-completion-28.1.1_ce-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.aarch64",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.ppc64le",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.s390x",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.x86_64",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.aarch64",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.ppc64le",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.s390x",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.x86_64",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-bash-completion-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.aarch64",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.ppc64le",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.s390x",
"openSUSE Tumbleweed:docker-buildx-0.23.0-16.1.x86_64",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-fish-completion-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-rootless-extras-28.1.1_ce-16.1.x86_64",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.aarch64",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.ppc64le",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.s390x",
"openSUSE Tumbleweed:docker-zsh-completion-28.1.1_ce-16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15779-1
Vulnerability from csaf_opensuse - Published: 2025-11-28 00:00 - Updated: 2025-11-28 00:00Summary
helm3-3.19.2-1.1 on GA media
Notes
Title of the patch
helm3-3.19.2-1.1 on GA media
Description of the patch
These are all security issues fixed in the helm3-3.19.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15779
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "helm3-3.19.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the helm3-3.19.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15779",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15779-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16873 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16874 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16875 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21272 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1996 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23524 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23525 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23526 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36055 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25165 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25173 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25620 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45337 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53547 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "helm3-3.19.2-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-28T00:00:00Z",
"generator": {
"date": "2025-11-28T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15779-1",
"initial_release_date": "2025-11-28T00:00:00Z",
"revision_history": [
{
"date": "2025-11-28T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm3-3.19.2-1.1.aarch64",
"product": {
"name": "helm3-3.19.2-1.1.aarch64",
"product_id": "helm3-3.19.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm3-bash-completion-3.19.2-1.1.aarch64",
"product": {
"name": "helm3-bash-completion-3.19.2-1.1.aarch64",
"product_id": "helm3-bash-completion-3.19.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm3-fish-completion-3.19.2-1.1.aarch64",
"product": {
"name": "helm3-fish-completion-3.19.2-1.1.aarch64",
"product_id": "helm3-fish-completion-3.19.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm3-zsh-completion-3.19.2-1.1.aarch64",
"product": {
"name": "helm3-zsh-completion-3.19.2-1.1.aarch64",
"product_id": "helm3-zsh-completion-3.19.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm3-3.19.2-1.1.ppc64le",
"product": {
"name": "helm3-3.19.2-1.1.ppc64le",
"product_id": "helm3-3.19.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm3-bash-completion-3.19.2-1.1.ppc64le",
"product": {
"name": "helm3-bash-completion-3.19.2-1.1.ppc64le",
"product_id": "helm3-bash-completion-3.19.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm3-fish-completion-3.19.2-1.1.ppc64le",
"product": {
"name": "helm3-fish-completion-3.19.2-1.1.ppc64le",
"product_id": "helm3-fish-completion-3.19.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
"product": {
"name": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
"product_id": "helm3-zsh-completion-3.19.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm3-3.19.2-1.1.s390x",
"product": {
"name": "helm3-3.19.2-1.1.s390x",
"product_id": "helm3-3.19.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm3-bash-completion-3.19.2-1.1.s390x",
"product": {
"name": "helm3-bash-completion-3.19.2-1.1.s390x",
"product_id": "helm3-bash-completion-3.19.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm3-fish-completion-3.19.2-1.1.s390x",
"product": {
"name": "helm3-fish-completion-3.19.2-1.1.s390x",
"product_id": "helm3-fish-completion-3.19.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm3-zsh-completion-3.19.2-1.1.s390x",
"product": {
"name": "helm3-zsh-completion-3.19.2-1.1.s390x",
"product_id": "helm3-zsh-completion-3.19.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm3-3.19.2-1.1.x86_64",
"product": {
"name": "helm3-3.19.2-1.1.x86_64",
"product_id": "helm3-3.19.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm3-bash-completion-3.19.2-1.1.x86_64",
"product": {
"name": "helm3-bash-completion-3.19.2-1.1.x86_64",
"product_id": "helm3-bash-completion-3.19.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm3-fish-completion-3.19.2-1.1.x86_64",
"product": {
"name": "helm3-fish-completion-3.19.2-1.1.x86_64",
"product_id": "helm3-fish-completion-3.19.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm3-zsh-completion-3.19.2-1.1.x86_64",
"product": {
"name": "helm3-zsh-completion-3.19.2-1.1.x86_64",
"product_id": "helm3-zsh-completion-3.19.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64"
},
"product_reference": "helm3-3.19.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le"
},
"product_reference": "helm3-3.19.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x"
},
"product_reference": "helm3-3.19.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64"
},
"product_reference": "helm3-3.19.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-bash-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64"
},
"product_reference": "helm3-bash-completion-3.19.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-bash-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le"
},
"product_reference": "helm3-bash-completion-3.19.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-bash-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x"
},
"product_reference": "helm3-bash-completion-3.19.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-bash-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64"
},
"product_reference": "helm3-bash-completion-3.19.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-fish-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64"
},
"product_reference": "helm3-fish-completion-3.19.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-fish-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le"
},
"product_reference": "helm3-fish-completion-3.19.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-fish-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x"
},
"product_reference": "helm3-fish-completion-3.19.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-fish-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64"
},
"product_reference": "helm3-fish-completion-3.19.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-zsh-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64"
},
"product_reference": "helm3-zsh-completion-3.19.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-zsh-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le"
},
"product_reference": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-zsh-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x"
},
"product_reference": "helm3-zsh-completion-3.19.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-zsh-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
},
"product_reference": "helm3-zsh-completion-3.19.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16873"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\u0027s possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16873",
"url": "https://www.suse.com/security/cve/CVE-2018-16873"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-16873"
},
{
"cve": "CVE-2018-16874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16874"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \u0027{\u0027 and \u0027}\u0027 characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16874",
"url": "https://www.suse.com/security/cve/CVE-2018-16874"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16874"
},
{
"cve": "CVE-2018-16875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16875"
}
],
"notes": [
{
"category": "general",
"text": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16875",
"url": "https://www.suse.com/security/cve/CVE-2018-16875"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16875"
},
{
"cve": "CVE-2021-21272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21272"
}
],
"notes": [
{
"category": "general",
"text": "ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a \"zip-slip\" vulnerability. The directory support feature allows the downloaded gzipped tarballs to be automatically extracted to the user-specified directory where the tarball can have symbolic links and hard links. A well-crafted tarball or tarballs allow malicious artifact providers linking, writing, or overwriting specific files on the host filesystem outside of the user-specified directory unexpectedly with the same permissions as the user who runs `oras pull`. Users of the affected versions are impacted if they are `oras` CLI users who runs `oras pull`, or if they are Go programs, which invoke `github.com/deislabs/oras/pkg/content.FileStore`. The problem has been fixed in version 0.9.0. For `oras` CLI users, there is no workarounds other than pulling from a trusted artifact provider. For `oras` package users, the workaround is to not use `github.com/deislabs/oras/pkg/content.FileStore`, and use other content stores instead, or pull from a trusted artifact provider.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21272",
"url": "https://www.suse.com/security/cve/CVE-2021-21272"
},
{
"category": "external",
"summary": "SUSE Bug 1181419 for CVE-2021-21272",
"url": "https://bugzilla.suse.com/1181419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-21272"
},
{
"cve": "CVE-2022-1996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1996"
}
],
"notes": [
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1996",
"url": "https://www.suse.com/security/cve/CVE-2022-1996"
},
{
"category": "external",
"summary": "SUSE Bug 1200528 for CVE-2022-1996",
"url": "https://bugzilla.suse.com/1200528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-1996"
},
{
"cve": "CVE-2022-23524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23524"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the _strvals_ package can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the _strvals_ package in the Helm SDK can have a Denial of Service attack when they use this package and it panics. This issue has been patched in 3.10.3. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23524",
"url": "https://www.suse.com/security/cve/CVE-2022-23524"
},
{
"category": "external",
"summary": "SUSE Bug 1206467 for CVE-2022-23524",
"url": "https://bugzilla.suse.com/1206467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-23524"
},
{
"cve": "CVE-2022-23525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23525"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds references to chart repositories where charts are managed. The _repo_ package parses the index file of the repository and loads it into structures Go can work with. Some index files can cause array data structures to be created causing a memory violation. Applications that use the _repo_ package in the Helm SDK to parse an index file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with an index file that causes a memory violation panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate index files that are correctly formatted before passing them to the _repo_ functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23525",
"url": "https://www.suse.com/security/cve/CVE-2022-23525"
},
{
"category": "external",
"summary": "SUSE Bug 1206469 for CVE-2022-23525",
"url": "https://bugzilla.suse.com/1206469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2022-23525"
},
{
"cve": "CVE-2022-23526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23526"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The _chartutil_ package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the _chartutil_ package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the _chartutil_ functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23526",
"url": "https://www.suse.com/security/cve/CVE-2022-23526"
},
{
"category": "external",
"summary": "SUSE Bug 1206471 for CVE-2022-23526",
"url": "https://bugzilla.suse.com/1206471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2022-23526"
},
{
"cve": "CVE-2022-36055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36055"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Fuzz testing, provided by the CNCF, identified input to functions in the _strvals_ package that can cause an out of memory panic. The _strvals_ package contains a parser that turns strings in to Go structures. The _strvals_ package converts these strings into structures Go can work with. Some string inputs can cause array data structures to be created causing an out of memory panic. Applications that use the _strvals_ package in the Helm SDK to parse user supplied input can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with input to `--set`, `--set-string`, and other value setting flags that causes an out of memory panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been resolved in 3.9.4. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36055",
"url": "https://www.suse.com/security/cve/CVE-2022-36055"
},
{
"category": "external",
"summary": "SUSE Bug 1203054 for CVE-2022-36055",
"url": "https://bugzilla.suse.com/1203054"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-36055"
},
{
"cve": "CVE-2023-25165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25165"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a DNS lookup. The DNS lookup happens when used with `helm install|upgrade|template` or when the Helm SDK is used to render a chart. Information passed into the chart can be disclosed to the DNS servers used to lookup the IP address. For example, a malicious chart could inject `getHostByName` into a chart in order to disclose values to a malicious DNS server. The issue has been fixed in Helm 3.11.1. Prior to using a chart with Helm verify the `getHostByName` function is not being used in a template to disclose any information you do not want passed to DNS servers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25165",
"url": "https://www.suse.com/security/cve/CVE-2023-25165"
},
{
"category": "external",
"summary": "SUSE Bug 1208083 for CVE-2023-25165",
"url": "https://bugzilla.suse.com/1208083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-25165"
},
{
"cve": "CVE-2023-25173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25173"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well.\n\nThis bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd\u0027s client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `\"USER $USERNAME\"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT [\"su\", \"-\", \"user\"]` to allow `su` to properly set up supplementary groups.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25173",
"url": "https://www.suse.com/security/cve/CVE-2023-25173"
},
{
"category": "external",
"summary": "SUSE Bug 1208426 for CVE-2023-25173",
"url": "https://bugzilla.suse.com/1208426"
},
{
"category": "external",
"summary": "SUSE Bug 1215588 for CVE-2023-25173",
"url": "https://bugzilla.suse.com/1215588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-25173"
},
{
"cve": "CVE-2024-25620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25620"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25620",
"url": "https://www.suse.com/security/cve/CVE-2024-25620"
},
{
"category": "external",
"summary": "SUSE Bug 1219969 for CVE-2024-25620",
"url": "https://bugzilla.suse.com/1219969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-25620"
},
{
"cve": "CVE-2024-26147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26147"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an `index.yaml` file or a plugins `plugin.yaml` file were missing all metadata a panic would occur in Helm. In the Helm SDK, this is found when using the `LoadIndexFile` or `DownloadIndexFile` functions in the `repo` package or the `LoadDir` function in the `plugin` package. For the Helm client this impacts functions around adding a repository and all Helm functions if a malicious plugin is added as Helm inspects all known plugins on each invocation. This issue has been resolved in Helm v3.14.2. If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem. If using Helm SDK versions prior to 3.14.2, calls to affected functions can use `recover` to catch the panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26147",
"url": "https://www.suse.com/security/cve/CVE-2024-26147"
},
{
"category": "external",
"summary": "SUSE Bug 1220207 for CVE-2024-26147",
"url": "https://bugzilla.suse.com/1220207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-26147"
},
{
"cve": "CVE-2024-45337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45337"
}
],
"notes": [
{
"category": "general",
"text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45337",
"url": "https://www.suse.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "SUSE Bug 1234482 for CVE-2024-45337",
"url": "https://bugzilla.suse.com/1234482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-45337"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-53547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53547"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53547",
"url": "https://www.suse.com/security/cve/CVE-2025-53547"
},
{
"category": "external",
"summary": "SUSE Bug 1246150 for CVE-2025-53547",
"url": "https://bugzilla.suse.com/1246150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53547"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15171-1
Vulnerability from csaf_opensuse - Published: 2025-05-27 00:00 - Updated: 2025-05-27 00:00Summary
grafana-11.6.1+security01-1.1 on GA media
Notes
Title of the patch
grafana-11.6.1+security01-1.1 on GA media
Description of the patch
These are all security issues fixed in the grafana-11.6.1+security01-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15171
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "grafana-11.6.1+security01-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the grafana-11.6.1+security01-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15171",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15171-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3580 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4123 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4123/"
}
],
"title": "grafana-11.6.1+security01-1.1 on GA media",
"tracking": {
"current_release_date": "2025-05-27T00:00:00Z",
"generator": {
"date": "2025-05-27T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15171-1",
"initial_release_date": "2025-05-27T00:00:00Z",
"revision_history": [
{
"date": "2025-05-27T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.1+security01-1.1.aarch64",
"product": {
"name": "grafana-11.6.1+security01-1.1.aarch64",
"product_id": "grafana-11.6.1+security01-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.1+security01-1.1.ppc64le",
"product": {
"name": "grafana-11.6.1+security01-1.1.ppc64le",
"product_id": "grafana-11.6.1+security01-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.1+security01-1.1.s390x",
"product": {
"name": "grafana-11.6.1+security01-1.1.s390x",
"product_id": "grafana-11.6.1+security01-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.1+security01-1.1.x86_64",
"product": {
"name": "grafana-11.6.1+security01-1.1.x86_64",
"product_id": "grafana-11.6.1+security01-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.1+security01-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64"
},
"product_reference": "grafana-11.6.1+security01-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.1+security01-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le"
},
"product_reference": "grafana-11.6.1+security01-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.1+security01-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x"
},
"product_reference": "grafana-11.6.1+security01-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.1+security01-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
},
"product_reference": "grafana-11.6.1+security01-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-27T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-3580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3580"
}
],
"notes": [
{
"category": "general",
"text": "An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint.\n\nThe vulnerability can be exploited when:\n\n1. An Organization administrator exists\n\n2. The Server administrator is either:\n\n - Not part of any organization, or\n - Part of the same organization as the Organization administrator\nImpact:\n\n- Organization administrators can permanently delete Server administrator accounts\n\n- If the only Server administrator is deleted, the Grafana instance becomes unmanageable\n\n- No super-user permissions remain in the system\n\n- Affects all users, organizations, and teams managed in the instance\n\nThe vulnerability is particularly serious as it can lead to a complete loss of administrative control over the Grafana instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3580",
"url": "https://www.suse.com/security/cve/CVE-2025-3580"
},
{
"category": "external",
"summary": "SUSE Bug 1243672 for CVE-2025-3580",
"url": "https://bugzilla.suse.com/1243672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-27T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-3580"
},
{
"cve": "CVE-2025-4123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4123"
}
],
"notes": [
{
"category": "general",
"text": "A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is installed, it is possible to exploit the open redirect to achieve a full read SSRF.\n\nThe default Content-Security-Policy (CSP) in Grafana will block the XSS though the `connect-src` directive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4123",
"url": "https://www.suse.com/security/cve/CVE-2025-4123"
},
{
"category": "external",
"summary": "SUSE Bug 1243714 for CVE-2025-4123",
"url": "https://bugzilla.suse.com/1243714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.1+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-27T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-4123"
}
]
}
OPENSUSE-SU-2025:15147-1
Vulnerability from csaf_opensuse - Published: 2025-05-22 00:00 - Updated: 2025-05-22 00:00Summary
kubo-0.35.0-1.1 on GA media
Notes
Title of the patch
kubo-0.35.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the kubo-0.35.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15147
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubo-0.35.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubo-0.35.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15147",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15147-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:15147-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QA73DOMVV4XIT7C22BBHOSQN2YR3QNWF/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:15147-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QA73DOMVV4XIT7C22BBHOSQN2YR3QNWF/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "kubo-0.35.0-1.1 on GA media",
"tracking": {
"current_release_date": "2025-05-22T00:00:00Z",
"generator": {
"date": "2025-05-22T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15147-1",
"initial_release_date": "2025-05-22T00:00:00Z",
"revision_history": [
{
"date": "2025-05-22T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubo-0.35.0-1.1.aarch64",
"product": {
"name": "kubo-0.35.0-1.1.aarch64",
"product_id": "kubo-0.35.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubo-0.35.0-1.1.ppc64le",
"product": {
"name": "kubo-0.35.0-1.1.ppc64le",
"product_id": "kubo-0.35.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubo-0.35.0-1.1.s390x",
"product": {
"name": "kubo-0.35.0-1.1.s390x",
"product_id": "kubo-0.35.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubo-0.35.0-1.1.x86_64",
"product": {
"name": "kubo-0.35.0-1.1.x86_64",
"product_id": "kubo-0.35.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubo-0.35.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubo-0.35.0-1.1.aarch64"
},
"product_reference": "kubo-0.35.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubo-0.35.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubo-0.35.0-1.1.ppc64le"
},
"product_reference": "kubo-0.35.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubo-0.35.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubo-0.35.0-1.1.s390x"
},
"product_reference": "kubo-0.35.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubo-0.35.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubo-0.35.0-1.1.x86_64"
},
"product_reference": "kubo-0.35.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubo-0.35.0-1.1.aarch64",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.ppc64le",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.s390x",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubo-0.35.0-1.1.aarch64",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.ppc64le",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.s390x",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubo-0.35.0-1.1.aarch64",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.ppc64le",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.s390x",
"openSUSE Tumbleweed:kubo-0.35.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15036-1
Vulnerability from csaf_opensuse - Published: 2025-04-27 00:00 - Updated: 2025-04-27 00:00Summary
glow-2.1.0-2.1 on GA media
Notes
Title of the patch
glow-2.1.0-2.1 on GA media
Description of the patch
These are all security issues fixed in the glow-2.1.0-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15036
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "glow-2.1.0-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the glow-2.1.0-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15036",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15036-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:15036-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QPKEZWS6JMWB5YHJ6IJNYFNNGZGXQM55/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:15036-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QPKEZWS6JMWB5YHJ6IJNYFNNGZGXQM55/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "glow-2.1.0-2.1 on GA media",
"tracking": {
"current_release_date": "2025-04-27T00:00:00Z",
"generator": {
"date": "2025-04-27T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15036-1",
"initial_release_date": "2025-04-27T00:00:00Z",
"revision_history": [
{
"date": "2025-04-27T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "glow-2.1.0-2.1.aarch64",
"product": {
"name": "glow-2.1.0-2.1.aarch64",
"product_id": "glow-2.1.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "glow-bash-completion-2.1.0-2.1.aarch64",
"product": {
"name": "glow-bash-completion-2.1.0-2.1.aarch64",
"product_id": "glow-bash-completion-2.1.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "glow-fish-completion-2.1.0-2.1.aarch64",
"product": {
"name": "glow-fish-completion-2.1.0-2.1.aarch64",
"product_id": "glow-fish-completion-2.1.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "glow-zsh-completion-2.1.0-2.1.aarch64",
"product": {
"name": "glow-zsh-completion-2.1.0-2.1.aarch64",
"product_id": "glow-zsh-completion-2.1.0-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "glow-2.1.0-2.1.ppc64le",
"product": {
"name": "glow-2.1.0-2.1.ppc64le",
"product_id": "glow-2.1.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "glow-bash-completion-2.1.0-2.1.ppc64le",
"product": {
"name": "glow-bash-completion-2.1.0-2.1.ppc64le",
"product_id": "glow-bash-completion-2.1.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "glow-fish-completion-2.1.0-2.1.ppc64le",
"product": {
"name": "glow-fish-completion-2.1.0-2.1.ppc64le",
"product_id": "glow-fish-completion-2.1.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "glow-zsh-completion-2.1.0-2.1.ppc64le",
"product": {
"name": "glow-zsh-completion-2.1.0-2.1.ppc64le",
"product_id": "glow-zsh-completion-2.1.0-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "glow-2.1.0-2.1.s390x",
"product": {
"name": "glow-2.1.0-2.1.s390x",
"product_id": "glow-2.1.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "glow-bash-completion-2.1.0-2.1.s390x",
"product": {
"name": "glow-bash-completion-2.1.0-2.1.s390x",
"product_id": "glow-bash-completion-2.1.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "glow-fish-completion-2.1.0-2.1.s390x",
"product": {
"name": "glow-fish-completion-2.1.0-2.1.s390x",
"product_id": "glow-fish-completion-2.1.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "glow-zsh-completion-2.1.0-2.1.s390x",
"product": {
"name": "glow-zsh-completion-2.1.0-2.1.s390x",
"product_id": "glow-zsh-completion-2.1.0-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "glow-2.1.0-2.1.x86_64",
"product": {
"name": "glow-2.1.0-2.1.x86_64",
"product_id": "glow-2.1.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "glow-bash-completion-2.1.0-2.1.x86_64",
"product": {
"name": "glow-bash-completion-2.1.0-2.1.x86_64",
"product_id": "glow-bash-completion-2.1.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "glow-fish-completion-2.1.0-2.1.x86_64",
"product": {
"name": "glow-fish-completion-2.1.0-2.1.x86_64",
"product_id": "glow-fish-completion-2.1.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "glow-zsh-completion-2.1.0-2.1.x86_64",
"product": {
"name": "glow-zsh-completion-2.1.0-2.1.x86_64",
"product_id": "glow-zsh-completion-2.1.0-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-2.1.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-2.1.0-2.1.aarch64"
},
"product_reference": "glow-2.1.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-2.1.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-2.1.0-2.1.ppc64le"
},
"product_reference": "glow-2.1.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-2.1.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-2.1.0-2.1.s390x"
},
"product_reference": "glow-2.1.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-2.1.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-2.1.0-2.1.x86_64"
},
"product_reference": "glow-2.1.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-bash-completion-2.1.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.aarch64"
},
"product_reference": "glow-bash-completion-2.1.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-bash-completion-2.1.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.ppc64le"
},
"product_reference": "glow-bash-completion-2.1.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-bash-completion-2.1.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.s390x"
},
"product_reference": "glow-bash-completion-2.1.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-bash-completion-2.1.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.x86_64"
},
"product_reference": "glow-bash-completion-2.1.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-fish-completion-2.1.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.aarch64"
},
"product_reference": "glow-fish-completion-2.1.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-fish-completion-2.1.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.ppc64le"
},
"product_reference": "glow-fish-completion-2.1.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-fish-completion-2.1.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.s390x"
},
"product_reference": "glow-fish-completion-2.1.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-fish-completion-2.1.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.x86_64"
},
"product_reference": "glow-fish-completion-2.1.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-zsh-completion-2.1.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.aarch64"
},
"product_reference": "glow-zsh-completion-2.1.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-zsh-completion-2.1.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.ppc64le"
},
"product_reference": "glow-zsh-completion-2.1.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-zsh-completion-2.1.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.s390x"
},
"product_reference": "glow-zsh-completion-2.1.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-zsh-completion-2.1.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.x86_64"
},
"product_reference": "glow-zsh-completion-2.1.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:glow-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:glow-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:glow-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.0-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-27T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15207-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
alloy-1.9.1-1.1 on GA media
Notes
Title of the patch
alloy-1.9.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the alloy-1.9.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15207
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "alloy-1.9.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the alloy-1.9.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15207",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15207-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-46327 page",
"url": "https://www.suse.com/security/cve/CVE-2025-46327/"
}
],
"title": "alloy-1.9.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15207-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.9.1-1.1.aarch64",
"product": {
"name": "alloy-1.9.1-1.1.aarch64",
"product_id": "alloy-1.9.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.9.1-1.1.ppc64le",
"product": {
"name": "alloy-1.9.1-1.1.ppc64le",
"product_id": "alloy-1.9.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.9.1-1.1.s390x",
"product": {
"name": "alloy-1.9.1-1.1.s390x",
"product_id": "alloy-1.9.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.9.1-1.1.x86_64",
"product": {
"name": "alloy-1.9.1-1.1.x86_64",
"product_id": "alloy-1.9.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.9.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64"
},
"product_reference": "alloy-1.9.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.9.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le"
},
"product_reference": "alloy-1.9.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.9.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x"
},
"product_reference": "alloy-1.9.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.9.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
},
"product_reference": "alloy-1.9.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-46327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-46327"
}
],
"notes": [
{
"category": "general",
"text": "gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 1.13.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-46327",
"url": "https://www.suse.com/security/cve/CVE-2025-46327"
},
{
"category": "external",
"summary": "SUSE Bug 1242017 for CVE-2025-46327",
"url": "https://bugzilla.suse.com/1242017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-46327"
}
]
}
OPENSUSE-SU-2025:15236-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
kubernetes1.32-apiserver-1.32.6-1.1 on GA media
Notes
Title of the patch
kubernetes1.32-apiserver-1.32.6-1.1 on GA media
Description of the patch
These are all security issues fixed in the kubernetes1.32-apiserver-1.32.6-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15236
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubernetes1.32-apiserver-1.32.6-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubernetes1.32-apiserver-1.32.6-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15236",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15236-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "kubernetes1.32-apiserver-1.32.6-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15236-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-client-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-client-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-client-common-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-proxy-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-client-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-client-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-apiserver-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-client-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-client-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-common-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-client-common-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-kubelet-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-proxy-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-proxy-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-scheduler-1.32.6-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-client-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-client-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-client-common-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-proxy-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-client-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-client-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-client-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-client-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-client-common-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-proxy-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15234-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
kubernetes1.30-apiserver-1.30.14-1.1 on GA media
Notes
Title of the patch
kubernetes1.30-apiserver-1.30.14-1.1 on GA media
Description of the patch
These are all security issues fixed in the kubernetes1.30-apiserver-1.30.14-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15234
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubernetes1.30-apiserver-1.30.14-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubernetes1.30-apiserver-1.30.14-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15234",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15234-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "kubernetes1.30-apiserver-1.30.14-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15234-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-client-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-client-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-client-common-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-proxy-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-client-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-client-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-apiserver-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-client-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-client-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-common-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-client-common-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-kubelet-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-proxy-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-proxy-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-scheduler-1.30.14-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-client-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-client-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-client-common-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-proxy-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-client-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-client-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-client-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-client-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-client-common-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-proxy-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15305-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
traefik2-2.11.26-1.1 on GA media
Notes
Title of the patch
traefik2-2.11.26-1.1 on GA media
Description of the patch
These are all security issues fixed in the traefik2-2.11.26-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15305
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "traefik2-2.11.26-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the traefik2-2.11.26-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15305",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15305-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28180 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32431 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47952 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47952/"
}
],
"title": "traefik2-2.11.26-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15305-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.26-1.1.aarch64",
"product": {
"name": "traefik2-2.11.26-1.1.aarch64",
"product_id": "traefik2-2.11.26-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.26-1.1.ppc64le",
"product": {
"name": "traefik2-2.11.26-1.1.ppc64le",
"product_id": "traefik2-2.11.26-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.26-1.1.s390x",
"product": {
"name": "traefik2-2.11.26-1.1.s390x",
"product_id": "traefik2-2.11.26-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.26-1.1.x86_64",
"product": {
"name": "traefik2-2.11.26-1.1.x86_64",
"product_id": "traefik2-2.11.26-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.26-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64"
},
"product_reference": "traefik2-2.11.26-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.26-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le"
},
"product_reference": "traefik2-2.11.26-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.26-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x"
},
"product_reference": "traefik2-2.11.26-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.26-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
},
"product_reference": "traefik2-2.11.26-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28180"
}
],
"notes": [
{
"category": "general",
"text": "Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28180",
"url": "https://www.suse.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "SUSE Bug 1234984 for CVE-2024-28180",
"url": "https://bugzilla.suse.com/1234984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-28180"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-22868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22868"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22868",
"url": "https://www.suse.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "SUSE Bug 1239185 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239185"
},
{
"category": "external",
"summary": "SUSE Bug 1239186 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22871"
}
],
"notes": [
{
"category": "general",
"text": "The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22871",
"url": "https://www.suse.com/security/cve/CVE-2025-22871"
},
{
"category": "external",
"summary": "SUSE Bug 1240550 for CVE-2025-22871",
"url": "https://bugzilla.suse.com/1240550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22871"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
},
{
"cve": "CVE-2025-32431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32431"
}
],
"notes": [
{
"category": "general",
"text": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a /../ in its path, it\u0027s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.24, 3.3.6, and 3.4.0-rc2. A workaround involves adding a `PathRegexp` rule to the matcher to prevent matching a route with a `/../` in the path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32431",
"url": "https://www.suse.com/security/cve/CVE-2025-32431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-32431"
},
{
"cve": "CVE-2025-47952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47952"
}
],
"notes": [
{
"category": "general",
"text": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it\u0027s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.25 and 3.4.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47952",
"url": "https://www.suse.com/security/cve/CVE-2025-47952"
},
{
"category": "external",
"summary": "SUSE Bug 1243818 for CVE-2025-47952",
"url": "https://bugzilla.suse.com/1243818"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-47952"
}
]
}
OPENSUSE-SU-2025:15304-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
traefik-3.4.3-1.1 on GA media
Notes
Title of the patch
traefik-3.4.3-1.1 on GA media
Description of the patch
These are all security issues fixed in the traefik-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15304
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "traefik-3.4.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the traefik-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15304",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15304-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4533 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47952 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47952/"
}
],
"title": "traefik-3.4.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15304-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "traefik-3.4.3-1.1.aarch64",
"product": {
"name": "traefik-3.4.3-1.1.aarch64",
"product_id": "traefik-3.4.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-3.4.3-1.1.ppc64le",
"product": {
"name": "traefik-3.4.3-1.1.ppc64le",
"product_id": "traefik-3.4.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-3.4.3-1.1.s390x",
"product": {
"name": "traefik-3.4.3-1.1.s390x",
"product_id": "traefik-3.4.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-3.4.3-1.1.x86_64",
"product": {
"name": "traefik-3.4.3-1.1.x86_64",
"product_id": "traefik-3.4.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64"
},
"product_reference": "traefik-3.4.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le"
},
"product_reference": "traefik-3.4.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x"
},
"product_reference": "traefik-3.4.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
},
"product_reference": "traefik-3.4.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-4533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4533"
}
],
"notes": [
{
"category": "general",
"text": "The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4533",
"url": "https://www.suse.com/security/cve/CVE-2024-4533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-4533"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-22868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22868"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22868",
"url": "https://www.suse.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "SUSE Bug 1239185 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239185"
},
{
"category": "external",
"summary": "SUSE Bug 1239186 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
},
{
"cve": "CVE-2025-47952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47952"
}
],
"notes": [
{
"category": "general",
"text": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it\u0027s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.25 and 3.4.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47952",
"url": "https://www.suse.com/security/cve/CVE-2025-47952"
},
{
"category": "external",
"summary": "SUSE Bug 1243818 for CVE-2025-47952",
"url": "https://bugzilla.suse.com/1243818"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-47952"
}
]
}
OPENSUSE-SU-2025:15028-1
Vulnerability from csaf_opensuse - Published: 2025-04-25 00:00 - Updated: 2025-04-25 00:00Summary
distrobuilder-3.2-2.1 on GA media
Notes
Title of the patch
distrobuilder-3.2-2.1 on GA media
Description of the patch
These are all security issues fixed in the distrobuilder-3.2-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15028
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "distrobuilder-3.2-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the distrobuilder-3.2-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15028",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15028-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "distrobuilder-3.2-2.1 on GA media",
"tracking": {
"current_release_date": "2025-04-25T00:00:00Z",
"generator": {
"date": "2025-04-25T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15028-1",
"initial_release_date": "2025-04-25T00:00:00Z",
"revision_history": [
{
"date": "2025-04-25T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "distrobuilder-3.2-2.1.aarch64",
"product": {
"name": "distrobuilder-3.2-2.1.aarch64",
"product_id": "distrobuilder-3.2-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "distrobuilder-3.2-2.1.ppc64le",
"product": {
"name": "distrobuilder-3.2-2.1.ppc64le",
"product_id": "distrobuilder-3.2-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "distrobuilder-3.2-2.1.s390x",
"product": {
"name": "distrobuilder-3.2-2.1.s390x",
"product_id": "distrobuilder-3.2-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "distrobuilder-3.2-2.1.x86_64",
"product": {
"name": "distrobuilder-3.2-2.1.x86_64",
"product_id": "distrobuilder-3.2-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "distrobuilder-3.2-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distrobuilder-3.2-2.1.aarch64"
},
"product_reference": "distrobuilder-3.2-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distrobuilder-3.2-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distrobuilder-3.2-2.1.ppc64le"
},
"product_reference": "distrobuilder-3.2-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distrobuilder-3.2-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distrobuilder-3.2-2.1.s390x"
},
"product_reference": "distrobuilder-3.2-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distrobuilder-3.2-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distrobuilder-3.2-2.1.x86_64"
},
"product_reference": "distrobuilder-3.2-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-25T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025-20117-1
Vulnerability from csaf_opensuse - Published: 2025-11-27 12:27 - Updated: 2025-11-27 12:27Summary
Security update for trivy
Notes
Title of the patch
Security update for trivy
Description of the patch
This update for trivy fixes the following issues:
Changes in trivy:
Update to version 0.67.2 (bsc#1250625, CVE-2025-11065, bsc#1248897, CVE-2025-58058):
* fix: Use `fetch-level: 1` to check out trivy-repo in the release workflow [backport: release/v0.67] (#9638)
* fix: restore compatibility for google.protobuf.Value [backport: release/v0.67] (#9631)
* fix: using SrcVersion instead of Version for echo detector [backport: release/v0.67] (#9629)
* fix: add `buildInfo` for `BlobInfo` in `rpc` package [backport: release/v0.67] (#9615)
* fix(vex): don't use reused BOM [backport: release/v0.67] (#9612)
* fix(vex): don't suppress vulns for packages with infinity loop (#9465)
* fix(aws): use `BuildableClient` insead of `xhttp.Client` (#9436)
* refactor(misconf): replace github.com/liamg/memoryfs with internal mapfs and testing/fstest (#9282)
* docs: clarify inline ignore limitations for resource-less checks (#9537)
* fix(k8s): disable parallel traversal with fs cache for k8s images (#9534)
* fix(misconf): handle tofu files in module detection (#9486)
* feat(seal): add seal support (#9370)
* docs: fix modules path and update code example (#9539)
* fix: close file descriptors and pipes on error paths (#9536)
* feat: add documentation URL for database lock errors (#9531)
* fix(db): Dowload database when missing but metadata still exists (#9393)
* feat(cloudformation): support default values and list results in Fn::FindInMap (#9515)
* fix(misconf): unmark cty values before access (#9495)
* feat(cli): change --list-all-pkgs default to true (#9510)
* fix(nodejs): parse workspaces as objects for package-lock.json files (#9518)
* refactor(fs): use underlyingPath to determine virtual files more reliably (#9302)
* refactor: remove google/wire dependency and implement manual DI (#9509)
* chore(deps): bump the aws group with 6 updates (#9481)
* chore(deps): bump the common group across 1 directory with 24 updates (#9507)
* fix(misconf): wrap legacy ENV values in quotes to preserve spaces (#9497)
* docs: move info about `detection priority` into coverage section (#9469)
* feat(sbom): added support for CoreOS (#9448)
* fix(misconf): strip build metadata suffixes from image history (#9498)
* feat(cyclonedx): preserve SBOM structure when scanning SBOM files with vulnerability updates (#9439)
* docs: Fix typo in terraform docs (#9492)
* feat(redhat): add os-release detection for RHEL-based images (#9458)
* ci(deps): add 3-day cooldown period for Dependabot updates (#9475)
* refactor: migrate from go-json-experiment to encoding/json/v2 (#9422)
* fix(vuln): compare `nuget` package names in lower case (#9456)
* chore: Update release flow to include chocolatey (#9460)
* docs: document eol supportability (#9434)
* docs(report): add nuanses about secret/license scanner in summary table (#9442)
* ci: use environment variables in GitHub Actions for improved security (#9433)
* chore: bump Go to 1.24.7 (#9435)
* fix(nodejs): use snapshot string as `Package.ID` for pnpm packages (#9330)
* ci(helm): bump Trivy version to 0.66.0 for Trivy Helm Chart 0.18.0 (#9425)
Update to version 0.66.0 (bsc#1248937, CVE-2025-58058):
* chore(deps): bump the aws group with 7 updates (#9419)
* refactor(secret): clarify secret scanner messages (#9409)
* fix(cyclonedx): handle multiple license types (#9378)
* fix(repo): sanitize git repo URL before inserting into report metadata (#9391)
* test: add HTTP basic authentication to git test server (#9407)
* fix(sbom): add support for `file` component type of `CycloneDX` (#9372)
* fix(misconf): ensure module source is known (#9404)
* ci: migrate GitHub Actions from version tags to SHA pinning (#9405)
* fix: create temp file under composite fs dir (#9387)
* chore(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 (#9403)
* refactor: switch to stable azcontainerregistry SDK package (#9319)
* chore(deps): bump the common group with 7 updates (#9382)
* refactor(misconf): migrate from custom Azure JSON parser (#9222)
* fix(repo): preserve RepoMetadata on FS cache hit (#9389)
* refactor(misconf): use atomic.Int32 (#9385)
* chore(deps): bump the aws group with 6 updates (#9383)
* docs: Fix broken link to "Built-in Checks" (#9375)
* fix(plugin): don't remove plugins when updating index.yaml file (#9358)
* fix: persistent flag option typo (#9374)
* chore(deps): bump the common group across 1 directory with 26 updates (#9347)
* fix(image): use standardized HTTP client for ECR authentication (#9322)
* refactor: export `systemFileFiltering` Post Handler (#9359)
* docs: update links to Semaphore pages (#9352)
* fix(conda): memory leak by adding closure method for `package.json` file (#9349)
* feat: add timeout handling for cache database operations (#9307)
* fix(misconf): use correct field log_bucket instead of target_bucket in gcp bucket (#9296)
* fix(misconf): ensure ignore rules respect subdirectory chart paths (#9324)
* chore(deps): bump alpine from 3.21.4 to 3.22.1 (#9301)
* feat(terraform): use .terraform cache for remote modules in plan scanning (#9277)
* chore: fix some function names in comment (#9314)
* chore(deps): bump the aws group with 7 updates (#9311)
* docs: add explanation for how to use non-system certificates (#9081)
* chore(deps): bump the github-actions group across 1 directory with 2 updates (#8962)
* fix(misconf): preserve original paths of remote submodules from .terraform (#9294)
* refactor(terraform): make Scan method of Terraform plan scanner private (#9272)
* fix: suppress debug log for context cancellation errors (#9298)
* feat(secret): implement streaming secret scanner with byte offset tracking (#9264)
* fix(python): impove package name normalization (#9290)
* feat(misconf): added audit config attribute (#9249)
* refactor(misconf): decouple input fs and track extracted files with fs references (#9281)
* test(misconf): remove BenchmarkCalculate using outdated check metadata (#9291)
* refactor: simplify Detect function signature (#9280)
* ci(helm): bump Trivy version to 0.65.0 for Trivy Helm Chart 0.17.0 (#9288)
* fix(fs): avoid shadowing errors in file.glob (#9286)
* test(misconf): move terraform scan tests to integration tests (#9271)
* test(misconf): drop gcp iam test covered by another case (#9285)
* chore(deps): bump to alpine from `3.21.3` to `3.21.4` (#9283)
Update to version 0.65.0:
* fix(cli): ensure correct command is picked by telemetry (#9260)
* feat(flag): add schema validation for `--server` flag (#9270)
* chore(deps): bump github.com/docker/docker from 28.3.2+incompatible to 28.3.3+incompatible (#9274)
* ci: skip undefined labels in discussion triage action (#9175)
* feat(repo): add git repository metadata to reports (#9252)
* fix(license): handle WITH operator for `LaxSplitLicenses` (#9232)
* chore: add modernize tool integration for code modernization (#9251)
* fix(secret): add UTF-8 validation in secret scanner to prevent protobuf marshalling errors (#9253)
* chore: implement process-safe temp file cleanup (#9241)
* fix: prevent graceful shutdown message on normal exit (#9244)
* fix(misconf): correctly parse empty port ranges in google_compute_firewall (#9237)
* feat: add graceful shutdown with signal handling (#9242)
* chore: update template URL for brew formula (#9221)
* test: add end-to-end testing framework with image scan and proxy tests (#9231)
* refactor(db): use `Getter` interface with `GetParams` for trivy-db sources (#9239)
* ci: specify repository for `gh cache delete` in canary worklfow (#9240)
* ci: remove invalid `--confirm` flag from `gh cache delete` command in canary builds (#9236)
* fix(misconf): fix log bucket in schema (#9235)
* chore(deps): bump the common group across 1 directory with 24 updates (#9228)
* ci: move runner.os context from job-level env to step-level in canary workflow (#9233)
* chore(deps): bump up Trivy-kubernetes to v0.9.1 (#9214)
* feat(misconf): added logging and versioning to the gcp storage bucket (#9226)
* fix(server): add HTTP transport setup to server mode (#9217)
* chore: update the rpm download Update (#9202)
* feat(alma): add AlmaLinux 10 support (#9207)
* fix(nodejs): don't use prerelease logic for compare npm constraints (#9208)
* fix(rootio): fix severity selection (#9181)
* fix(sbom): merge in-graph and out-of-graph OS packages in scan results (#9194)
* fix(cli): panic: attempt to get os.Args[1] when len(os.Args) < 2 (#9206)
* fix(misconf): correctly adapt azure storage account (#9138)
* feat(misconf): add private ip google access attribute to subnetwork (#9199)
* feat(report): add CVSS vectors in sarif report (#9157)
* fix(terraform): `for_each` on a map returns a resource for every key (#9156)
* fix: supporting .egg-info/METADATA in python.Packaging analyzer (#9151)
* chore: migrate protoc setup from Docker to buf CLI (#9184)
* ci: delete cache after artifacts upload in canary workflow (#9177)
* refactor: remove aws flag helper message (#9080)
* ci: use gh pr view to get PR number for forked repositories in auto-ready workflow (#9183)
* ci: add auto-ready-for-review workflow (#9179)
* feat(image): add Docker context resolution (#9166)
* ci: optimize golangci-lint performance with cache-based strategy (#9173)
* feat: add HTTP request/response tracing support (#9125)
* fix(aws): update amazon linux 2 EOL date (#9176)
* chore: Update release workflow to trigger version updates (#9162)
* chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 (#9164)
* fix: also check `filepath` when removing duplicate packages (#9142)
* chore: add debug log to show image source location (#9163)
* docs: add section on customizing default check data (#9114)
* chore(deps): bump the common group across 1 directory with 9 updates (#9153)
* docs: partners page content updates (#9149)
* chore(license): add missed spdx exceptions: (#9147)
* docs: trivy partners page updates (#9133)
* fix: migrate from `*.list` to `*.md5sums` files for `dpkg` (#9131)
* ci(helm): bump Trivy version to 0.64.1 for Trivy Helm Chart 0.16.1 (#9135)
* feat(sbom): add SHA-512 hash support for CycloneDX SBOM (#9126)
* fix(misconf): skip rewriting expr if attr is nil (#9113)
* fix(license): add missed `GFDL-NIV-1.1` and `GFDL-NIV-1.2` into Trivy mapping (#9116)
* fix(cli): Add more non-sensitive flags to telemetry (#9110)
* fix(alma): parse epochs from rpmqa file (#9101)
* fix(rootio): check full version to detect `root.io` packages (#9117)
* chore: drop FreeBSD 32-bit support (#9102)
* fix(sbom): use correct field for licenses in CycloneDX reports (#9057)
* fix(secret): fix line numbers for multiple-line secrets (#9104)
* feat(license): observe pkg types option in license scanner (#9091)
* ci(helm): bump Trivy version to 0.64.0 for Trivy Helm Chart 0.16.0 (#9107)
- (CVE-2025-53547, bsc#1246151)
- Update to version 0.64.1 (bsc#1243633, CVE-2025-47291,
(bsc#1246730, CVE-2025-46569):
* fix(misconf): skip rewriting expr if attr is nil [backport: release/v0.64] (#9127)
* fix(cli): Add more non-sensitive flags to telemetry [backport: release/v0.64] (#9124)
* fix(rootio): check full version to detect `root.io` packages [backport: release/v0.64] (#9120)
* fix(alma): parse epochs from rpmqa file [backport: release/v0.64] (#9119)
* docs(python): fix type with METADATA file name (#9090)
* feat: reject unsupported artifact types in remote image retrieval (#9052)
* chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 (#9088)
* refactor(misconf): rewrite Rego module filtering using functional filters (#9061)
* feat(terraform): add partial evaluation for policy templates (#8967)
* feat(vuln): add Root.io support for container image scanning (#9073)
* feat(sbom): add manufacturer field to CycloneDX tools metadata (#9019)
* fix(cli): add some values to the telemetry call (#9056)
* feat(ubuntu): add end of life date for Ubuntu 25.04 (#9077)
* refactor: centralize HTTP transport configuration (#9058)
* test: include integration tests in linting and fix all issues (#9060)
* chore(deps): bump the common group across 1 directory with 26 updates (#9063)
* feat(java): dereference all maven settings.xml env placeholders (#9024)
* fix(misconf): reduce log noise on incompatible check (#9029)
* fix(misconf): .Config.User always takes precedence over USER in .History (#9050)
* chore(deps): update Docker to v28.2.2 and fix compatibility issues (#9037)
* docs(misconf): simplify misconfiguration docs (#9030)
* fix(misconf): move disabled checks filtering after analyzer scan (#9002)
* docs: add PR review policy for maintainers (#9032)
* fix(sbom): remove unnecessary OS detection check in SBOM decoding (#9034)
* test: improve and extend tests for iac/adapters/arm (#9028)
* chore: bump up Go version to 1.24.4 (#9031)
* feat(cli): add version constraints to annoucements (#9023)
* fix(misconf): correct Azure value-to-time conversion in AsTimeValue (#9015)
* feat(ubuntu): add eol date for 20.04-ESM (#8981)
* fix(report): don't panic when report contains vulns, but doesn't contain packages for `table` format (#8549)
* fix(nodejs): correctly parse `packages` array of `bun.lock` file (#8998)
* refactor: use strings.SplitSeq instead of strings.Split in for-loop (#8983)
* docs: change --disable-metrics to --disable-telemetry in example (#8999) (#9003)
* feat(misconf): add OpenTofu file extension support (#8747)
* refactor(misconf): set Trivy version by default in Rego scanner (#9001)
* docs: fix assets with versioning (#8996)
* docs: add partners page (#8988)
* chore(alpine): add EOL date for Alpine 3.22 (#8992)
* fix: don't show corrupted trivy-db warning for first run (#8991)
* Update installation.md (#8979)
* feat(misconf): normalize CreatedBy for buildah and legacy docker builder (#8953)
* chore(k8s): update comments with deprecated command format (#8964)
* chore: fix errors and typos in docs (#8963)
* fix: Add missing version check flags (#8951)
* feat(redhat): Add EOL date for RHEL 10. (#8910)
* fix: Correctly check for semver versions for trivy version check (#8948)
* refactor(server): change custom advisory and vulnerability data types fr… (#8923)
* ci(helm): bump Trivy version to 0.63.0 for Trivy Helm Chart 0.15.0 (#8946)
* fix(misconf): use argument value in WithIncludeDeprecatedChecks (#8942)
* chore(deps): Bump trivy-checks (#8934)
* fix(julia): add `Relationship` field support (#8939)
* feat(minimos): Add support for MinimOS (#8792)
* feat(alpine): add maintainer field extraction for APK packages (#8930)
* feat(echo): Add Echo Support (#8833)
* fix(redhat): Also try to find buildinfo in root layer (layer 0) (#8924)
* fix(wolfi): support new APK database location (#8937)
* feat(k8s): get components from namespaced resources (#8918)
* refactor(cloudformation): remove unused ScanFile method from Scanner (#8927)
* refactor(terraform): remove result sorting from scanner (#8928)
* feat(misconf): Add support for `Minimum Trivy Version` (#8880)
* docs: improve skipping files documentation (#8749)
* feat(cli): Add available version checking (#8553)
* feat(nodejs): add a bun.lock analyzer (#8897)
* feat: terraform parser option to set current working directory (#8909)
* perf(secret): only match secrets of meaningful length, allow example strings to not be matched (#8602)
* feat(misconf): export raw Terraform data to Rego (#8741)
* refactor(terraform): simplify AllReferences method signature in Attribute (#8906)
* fix: check post-analyzers for StaticPaths (#8904)
* feat: add Bottlerocket OS package analyzer (#8653)
* feat(license): improve work text licenses with custom classification (#8888)
* chore(deps): bump github.com/containerd/containerd/v2 from 2.1.0 to 2.1.1 (#8901)
* chore(deps): bump the common group across 1 directory with 9 updates (#8887)
* refactor(license): simplify compound license scanning (#8896)
* feat(license): Support compound licenses (licenses using SPDX operators) (#8816)
* fix(k8s): use in-memory cache backend during misconfig scanning (#8873)
* feat(nodejs): add bun.lock parser (#8851)
* feat(license): improve work with custom classification of licenses from config file (#8861)
* fix(cli): disable `--skip-dir` and `--skip-files` flags for `sbom` command (#8886)
* fix: julia parser panicing (#8883)
* refactor(db): change logic to detect wrong DB (#8864)
* fix(cli): don't use allow values for `--compliance` flag (#8881)
* docs(misconf): Reorganize misconfiguration scan pages (#8206)
* fix(server): add missed Relationship field for `rpc` (#8872)
* feat: add JSONC support for comments and trailing commas (#8862)
* fix(vex): use `lo.IsNil` to check `VEX` from OCI artifact (#8858)
* feat(go): support license scanning in both GOPATH and vendor (#8843)
* fix(redhat): save contentSets for OS packages in fs/vm modes (#8820)
* fix: filter all files when processing files installed from package managers (#8842)
* feat(misconf): add misconfiguration location to junit template (#8793)
* docs(vuln): remove OSV for Python from data sources (#8841)
* chore: add an issue template for maintainers (#8838)
* chore: enable staticcheck (#8815)
* ci(helm): bump Trivy version to 0.62.1 for Trivy Helm Chart 0.14.1 (#8836)
* feat(license): scan vendor directory for license for go.mod files (#8689)
* docs(java): Update info about dev deps in gradle lock (#8830)
* chore(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 in the common group (#8822)
* fix(java): exclude dev dependencies in gradle lockfile (#8803)
* fix: octalLiteral from go-critic (#8811)
* fix(redhat): trim invalid suffix from content_sets in manifest parsing (#8818)
* chore(deps): bump the common group across 1 directory with 10 updates (#8817)
* fix: use-any from revive (#8810)
* fix: more revive rules (#8814)
* docs: change in java.md: fix the Trity -to-> Trivy typo (#8813)
* fix(misconf): check if for-each is known when expanding dyn block (#8808)
* ci(helm): bump Trivy version to 0.62.0 for Trivy Helm Chart 0.14.0 (#8802)
- Update to version 0.62.1 (bsc#1239225, CVE-2025-22868,
bsc#1241724, CVE-2025-22872):
* chore(deps): bump the common group across 1 directory with 10 updates [backport: release/v0.62] (#8831)
* fix(misconf): check if for-each is known when expanding dyn block [backport: release/v0.62] (#8826)
* fix(redhat): trim invalid suffix from content_sets in manifest parsing [backport: release/v0.62] (#8824)
* feat(nodejs): add root and workspace for `yarn` packages (#8535)
* fix: unused-parameter rule from revive (#8794)
* chore(deps): Update trivy-checks (#8798)
* fix: early-return, indent-error-flow and superfluous-else rules from revive (#8796)
* fix(k8s): remove using `last-applied-configuration` (#8791)
* refactor(misconf): remove unused methods from providers (#8781)
* refactor(misconf): remove unused methods from iac types (#8782)
* fix(misconf): filter null nodes when parsing json manifest (#8785)
* fix: testifylint last issues (#8768)
* fix(misconf): perform operations on attribute safely (#8774)
* refactor(ubuntu): update time handling for fixing time (#8780)
* chore(deps): bump golangci-lint to v2.1.2 (#8766)
* feat(image): save layers metadata into report (#8394)
* feat(misconf): convert AWS managed policy to document (#8757)
* chore(deps): bump the docker group across 1 directory with 3 updates (#8762)
* ci(helm): bump Trivy version to 0.61.1 for Trivy Helm Chart 0.13.1 (#8753)
* ci(helm): create a helm branch for patches from main (#8673)
* fix(terraform): hcl object expressions to return references (#8271)
* chore(terraform): option to pass in instanced logger (#8738)
* ci: use `Skitionek/notify-microsoft-teams` instead of `aquasecurity` fork (#8740)
* chore(terraform): remove os.OpenPath call from terraform file functions (#8737)
* chore(deps): bump the common group across 1 directory with 23 updates (#8733)
* feat(rust): add root and workspace relationships/package for `cargo` lock files (#8676)
* refactor(misconf): remove module outputs from parser.EvaluateAll (#8587)
* fix(misconf): populate context correctly for module instances (#8656)
* fix(misconf): check if metadata is not nil (#8647)
* refactor(misconf): switch to x/json (#8719)
* fix(report): clean buffer after flushing (#8725)
* ci: improve PR title validation workflow (#8720)
* refactor(flag): improve flag system architecture and extensibility (#8718)
* fix(terraform): `evaluateStep` to correctly set `EvalContext` for multiple instances of blocks (#8555)
* refactor: migrate from `github.com/aquasecurity/jfather` to `github.com/go-json-experiment/json` (#8591)
* feat(misconf): support auto_provisioning_defaults in google_container_cluster (#8705)
* ci: use `github.event.pull_request.user.login` for release PR check workflow (#8702)
* refactor: add hook interface for extended functionality (#8585)
* fix(misconf): add missing variable as unknown (#8683)
* docs: Update maintainer docs (#8674)
* ci(vuln): reduce github action script injection attack risk (#8610)
* fix(secret): ignore .dist-info directories during secret scanning (#8646)
* fix(server): fix redis key when trying to delete blob (#8649)
* chore(deps): bump the testcontainers group with 2 updates (#8650)
* test: use `aquasecurity` repository for test images (#8677)
* chore(deps): bump the aws group across 1 directory with 5 updates (#8652)
* fix(k8s): skip passed misconfigs for the summary report (#8684)
* fix(k8s): correct compare artifact versions (#8682)
* chore: update Docker lib (#8681)
* refactor(misconf): remove unused terraform attribute methods (#8657)
* feat(misconf): add option to pass Rego scanner to IaC scanner (#8369)
* chore: typo fix to replace `rego` with `repo` on the RepoFlagGroup options error output (#8643)
* docs: Add info about helm charts release (#8640)
* ci(helm): bump Trivy version to 0.61.0 for Trivy Helm Chart 0.13.0 (#8638)
Update to version 0.61.1 (bsc#1239385, CVE-2025-22869, bsc#1240466, CVE-2025-30204):
* fix(k8s): skip passed misconfigs for the summary report [backport: release/v0.61] (#8748)
* fix(k8s): correct compare artifact versions [backport: release/v0.61] (#8699)
* test: use `aquasecurity` repository for test images [backport: release/v0.61] (#8698)
* fix(misconf): Improve logging for unsupported checks (#8634)
* feat(k8s): add support for controllers (#8614)
* fix(debian): don't include empty licenses for `dpkgs` (#8623)
* fix(misconf): Check values wholly prior to evalution (#8604)
* chore(deps): Bump trivy-checks (#8619)
* fix(k8s): show report for `--report all` (#8613)
* chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (#8597)
* refactor: rename scanner to service (#8584)
* fix(misconf): do not skip loading documents from subdirectories (#8526)
* refactor(misconf): get a block or attribute without calling HasChild (#8586)
* fix(misconf): identify the chart file exactly by name (#8590)
* test: use table-driven tests in Helm scanner tests (#8592)
* refactor(misconf): Simplify misconfig checks bundle parsing (#8533)
* chore(deps): bump the common group across 1 directory with 10 updates (#8566)
* fix(misconf): do not use cty.NilVal for non-nil values (#8567)
* docs(cli): improve flag value display format (#8560)
* fix(misconf): set default values for AWS::EKS::Cluster.ResourcesVpcConfig (#8548)
* docs: remove slack (#8565)
* fix: use `--file-patterns` flag for all post analyzers (#7365)
* docs(python): Mention pip-compile (#8484)
* feat(misconf): adapt aws_opensearch_domain (#8550)
* feat(misconf): adapt AWS::EC2::VPC (#8534)
* docs: fix a broken link (#8546)
* fix(fs): check postAnalyzers for StaticPaths (#8543)
* refactor(misconf): remove unused methods for ec2.Instance (#8536)
* feat(misconf): adapt aws_default_security_group (#8538)
* feat(fs): optimize scanning performance by direct file access for known paths (#8525)
* feat(misconf): adapt AWS::DynamoDB::Table (#8529)
* style: Fix MD syntax in self-hosting.md (#8523)
* perf(misconf): retrieve check metadata from annotations once (#8478)
* feat(misconf): Add support for aws_ami (#8499)
* fix(misconf): skip Azure CreateUiDefinition (#8503)
* refactor(misconf): use OPA v1 (#8518)
* fix(misconf): add ephemeral block type to config schema (#8513)
* perf(misconf): parse input for Rego once (#8483)
* feat: replace TinyGo with standard Go for WebAssembly modules (#8496)
* chore: replace deprecated tenv linter with usetesting (#8504)
* fix(spdx): save text licenses into `otherLicenses` without normalize (#8502)
* chore(deps): bump the common group across 1 directory with 13 updates (#8491)
* chore: use go.mod for managing Go tools (#8493)
* ci(helm): bump Trivy version to 0.60.0 for Trivy Helm Chart 0.12.0 (#8494)
* fix(sbom): improve logic for binding direct dependency to parent component (#8489)
* chore(deps): remove missed replace of `trivy-db` (#8492)
* chore(deps): bump alpine from 3.21.0 to 3.21.3 in the docker group across 1 directory (#8490)
* chore(deps): update Go to 1.24 and switch to go-version-file (#8388)
* docs: add abbreviation list (#8453)
* chore(terraform): assign *terraform.Module 'parent' field (#8444)
* feat: add report summary table (#8177)
* chore(deps): bump the github-actions group with 3 updates (#8473)
* refactor(vex): improve SBOM reference handling with project standards (#8457)
* ci: update GitHub Actions cache to v4 (#8475)
* feat: add `--vuln-severity-source` flag (#8269)
* fix(os): add mapping OS aliases (#8466)
* chore(deps): bump the aws group across 1 directory with 7 updates (#8468)
* chore(deps): Bump trivy-checks to v1.7.1 (#8467)
* refactor(report): write tables after rendering all results (#8357)
* docs: update VEX documentation index page (#8458)
* fix(db): fix case when 2 trivy-db were copied at the same time (#8452)
* feat(misconf): render causes for Terraform (#8360)
* fix(misconf): fix incorrect k8s locations due to JSON to YAML conversion (#8073)
* feat(cyclonedx): Add initial support for loading external VEX files from SBOM references (#8254)
* chore(deps): update go-rustaudit location (#8450)
* fix: update all documentation links (#8045)
* chore(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#8443)
* chore(deps): bump the common group with 6 updates (#8411)
* fix(k8s): add missed option `PkgRelationships` (#8442)
* fix(sbom): add SBOM file's filePath as Application FilePath if we can't detect its path (#8346)
* feat(go): fix parsing main module version for go >= 1.24 (#8433)
* refactor(misconf): make Rego scanner independent of config type (#7517)
* fix(image): disable AVD-DS-0007 for history scanning (#8366)
* fix(server): secrets inspectation for the config analyzer in client server mode (#8418)
* chore: remove mockery (#8417)
* test(server): replace mock driver with memory cache in server tests (#8416)
* test: replace mock with memory cache and fix non-deterministic tests (#8410)
* test: replace mock with memory cache in scanner tests (#8413)
* test: use memory cache (#8403)
* fix(spdx): init `pkgFilePaths` map for all formats (#8380)
* chore(deps): bump the common group across 1 directory with 11 updates (#8381)
* docs: correct Ruby documentation (#8402)
* chore: bump `mockery` to update v2.52.2 version and rebuild mock files (#8390)
* fix: don't use `scope` for `trivy registry login` command (#8393)
* fix(go): merge nested flags into string for ldflags for Go binaries (#8368)
* chore(terraform): export module path on terraform modules (#8374)
* fix(terraform): apply parser options to submodule parsing (#8377)
* docs: Fix typos in documentation (#8361)
* docs: fix navigate links (#8336)
* ci(helm): bump Trivy version to 0.59.1 for Trivy Helm Chart 0.11.1 (#8354)
* ci(spdx): add `aqua-installer` step to fix `mage` error (#8353)
* chore: remove debug prints (#8347)
* fix(misconf): do not log scanners when misconfig scanning is disabled (#8345)
* fix(report): remove html escaping for `shortDescription` and `fullDescription` fields for sarif reports (#8344)
* chore(deps): bump Go to `v1.23.5` (#8341)
* fix(python): add `poetry` v2 support (#8323)
* chore(deps): bump the github-actions group across 1 directory with 4 updates (#8331)
* fix(misconf): ecs include enhanced for container insights (#8326)
* fix(sbom): preserve OS packages from multiple SBOMs (#8325)
* ci(helm): bump Trivy version to 0.59.0 for Trivy Helm Chart 0.11.0 (#8311)
* (bsc#1237618, CVE-2025-27144)
Update to version 0.59.1:
* fix(misconf): do not log scanners when misconfig scanning is disabled [backport: release/v0.59] (#8349)
* chore(deps): bump Go to `v1.23.5` [backport: release/v0.59] (#8343)
* fix(python): add `poetry` v2 support [backport: release/v0.59] (#8335)
* fix(sbom): preserve OS packages from multiple SBOMs [backport: release/v0.59] (#8333)
Update to version 0.59.0:
* feat(image): return error early if total size of layers exceeds limit (#8294)
* chore(deps): Bump trivy-checks (#8310)
* chore(terraform): add accessors to underlying raw hcl values (#8306)
* fix: improve conversion of image config to Dockerfile (#8308)
* docs: replace short codes with Unicode emojis (#8296)
* feat(k8s): improve artifact selections for specific namespaces (#8248)
* chore: update code owners (#8303)
* fix(misconf): handle heredocs in dockerfile instructions (#8284)
* fix: de-duplicate same `dpkg` packages with different filePaths from different layers (#8298)
* chore(deps): bump the aws group with 7 updates (#8299)
* chore(deps): bump the common group with 12 updates (#8301)
* chore: enable int-conversion from perfsprint (#8194)
* feat(fs): use git commit hash as cache key for clean repositories (#8278)
* fix(spdx): use the `hasExtractedLicensingInfos` field for licenses that are not listed in the SPDX (#8077)
* chore: use require.ErrorContains when possible (#8291)
* feat(image): prevent scanning oversized container images (#8178)
* chore(deps): use aqua forks for `github.com/liamg/jfather` and `github.com/liamg/iamgo` (#8289)
* fix(fs): fix cache key generation to use UUID (#8275)
* fix(misconf): correctly handle all YAML tags in K8S templates (#8259)
* feat: add support for registry mirrors (#8244)
* chore(deps): bump the common group across 1 directory with 29 updates (#8261)
* refactor(license): improve license expression normalization (#8257)
* feat(misconf): support for ignoring by inline comments for Dockerfile (#8115)
* feat: add a examples field to check metadata (#8068)
* chore(deps): bump alpine from 3.20.0 to 3.21.0 in the docker group across 1 directory (#8196)
* ci: add workflow to restrict direct PRs to release branches (#8240)
* fix(suse): SUSE - update OSType constants and references for compatility (#8236)
* ci: fix path to main dir for canary builds (#8231)
* chore(secret): add reported issues related to secrets in junit template (#8193)
* refactor: use trivy-checks/pkg/specs package (#8226)
* ci(helm): bump Trivy version to 0.58.1 for Trivy Helm Chart 0.10.0 (#8170)
* fix(misconf): allow null values only for tf variables (#8112)
* feat(misconf): support for ignoring by inline comments for Helm (#8138)
* fix(redhat): check `usr/share/buildinfo/` dir to detect content sets (#8222)
* chore(alpine): add EOL date for Alpine 3.21 (#8221)
* fix: CVE-2025-21613 and CVE-2025-21614 : go-git: argument injection via the URL field (#8207)
* fix(misconf): disable git terminal prompt on tf module load (#8026)
* chore: remove aws iam related scripts (#8179)
* docs: Updated JSON schema version 2 in the trivy documentation (#8188)
* refactor(python): use once + debug for `License acquired from METADATA...` logs (#8175)
* refactor: use slices package instead of custom function (#8172)
* chore(deps): bump the common group with 6 updates (#8162)
* feat(python): add support for uv dev and optional dependencies (#8134)
* feat(python): add support for poetry dev dependencies (#8152)
* fix(sbom): attach nested packages to Application (#8144)
* docs(vex): use debian minor version in examples (#8166)
* refactor: add generic Set implementation (#8149)
* chore(deps): bump the aws group across 1 directory with 6 updates (#8163)
* fix(python): skip dev group's deps for poetry (#8106)
* fix(sbom): use root package for `unknown` dependencies (if exists) (#8104)
* chore(deps): bump `golang.org/x/net` from `v0.32.0` to `v0.33.0` (#8140)
* chore(vex): suppress CVE-2024-45338 (#8137)
* feat(python): add support for uv (#8080)
* chore(deps): bump the docker group across 1 directory with 3 updates (#8127)
* chore(deps): bump the common group across 1 directory with 14 updates (#8126)
* chore: bump go to 1.23.4 (#8123)
* test: set dummy value for NUGET_PACKAGES (#8107)
* chore(deps): bump `github.com/CycloneDX/cyclonedx-go` from `v0.9.1` to `v0.9.2` (#8105)
* chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#8103)
* fix: wasm module test (#8099)
* fix: CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass (#8088)
* chore(vex): suppress CVE-2024-45337 (#8101)
* fix(license): always trim leading and trailing spaces for licenses (#8095)
* fix(sbom): scan results of SBOMs generated from container images are missing layers (#7635)
* fix(redhat): correct rewriting of recommendations for the same vulnerability (#8063)
* fix: enable err-error and errorf rules from perfsprint linter (#7859)
* chore(deps): bump the aws group across 1 directory with 6 updates (#8074)
* perf: avoid heap allocation in applier findPackage (#7883)
* fix: Updated twitter icon (#7772)
* docs(k8s): add a note about multi-container pods (#7815)
* feat: add `--distro` flag to manually specify OS distribution for vulnerability scanning (#8070)
* fix(oracle): add architectures support for advisories (#4809)
* fix: handle `BLOW_UNKNOWN` error to download DBs (#8060)
* feat(misconf): generate placeholders for random provider resources (#8051)
* fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type (#8052)
* fix(flag): skip hidden flags for `--generate-default-config` command (#8046)
* fix(java): correctly overwrite version from depManagement if dependency uses `project.*` props (#8050)
* feat(nodejs): respect peer dependencies for dependency tree (#7989)
* ci(helm): bump Trivy version to 0.58.0 for Trivy Helm Chart 0.10.0 (#8038)
* fix: respect GITHUB_TOKEN to download artifacts from GHCR (#7580)
* chore(deps): bump github.com/moby/buildkit from 0.17.2 to 0.18.0 in the docker group (#8029)
* fix(misconf): use log instead of fmt for logging (#8033)
* docs: add commercial content (#8030)
- Update to version 0.58.2 (
bsc#1234512, CVE-2024-45337,
bsc#1235265, CVE-2024-45338,
bsc#1232948, CVE-2024-51744):
* fix(misconf): allow null values only for tf variables [backport: release/v0.58] (#8238)
* fix(suse): SUSE - update OSType constants and references for compatility [backport: release/v0.58] (#8237)
* fix: CVE-2025-21613 and CVE-2025-21614 : go-git: argument injection via the URL field [backport: release/v0.58] (#8215)
* fix(sbom): attach nested packages to Application [backport: release/v0.58] (#8168)
* fix(python): skip dev group's deps for poetry [backport: release/v0.58] (#8158)
* fix(sbom): use root package for `unknown` dependencies (if exists) [backport: release/v0.58] (#8156)
* chore(deps): bump `golang.org/x/net` from `v0.32.0` to `v0.33.0` [backport: release/v0.58] (#8142)
* chore(deps): bump `github.com/CycloneDX/cyclonedx-go` from `v0.9.1` to `v0.9.2` [backport: release/v0.58] (#8136)
* fix(redhat): correct rewriting of recommendations for the same vulnerability [backport: release/v0.58] (#8135)
* fix(oracle): add architectures support for advisories [backport: release/v0.58] (#8125)
* fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type [backport: release/v0.58] (#8124)
* chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 [backport: release/v0.58] (#8122)
* fix: handle `BLOW_UNKNOWN` error to download DBs [backport: release/v0.58] (#8121)
* fix(java): correctly overwrite version from depManagement if dependency uses `project.*` props [backport: release/v0.58] (#8119)
* fix(misconf): wrap AWS EnvVar to iac types (#7407)
* chore(deps): Upgrade trivy-checks (#8018)
* refactor(misconf): Remove unused options (#7896)
* docs: add terminology page to explain Trivy concepts (#7996)
* feat: add `workspaceRelationship` (#7889)
* refactor(sbom): simplify relationship generation (#7985)
* chore: remove Go checks (#7907)
* docs: improve databases documentation (#7732)
* refactor: remove support for custom Terraform checks (#7901)
* docs: fix dead links (#7998)
* docs: drop AWS account scanning (#7997)
* fix(aws): change CPU and Memory type of ContainerDefinition to a string (#7995)
* fix(cli): Handle empty ignore files more gracefully (#7962)
* fix(misconf): load full Terraform module (#7925)
* fix(misconf): properly resolve local Terraform cache (#7983)
* refactor(k8s): add v prefix for Go packages (#7839)
* test: replace Go checks with Rego (#7867)
* feat(misconf): log causes of HCL file parsing errors (#7634)
* chore(deps): bump the aws group across 1 directory with 7 updates (#7991)
* chore(deps): bump github.com/moby/buildkit from 0.17.0 to 0.17.2 in the docker group across 1 directory (#7990)
* chore(deps): update csaf module dependency from csaf-poc to gocsaf (#7992)
* chore: downgrade the failed block expand message to debug (#7964)
* fix(misconf): do not erase variable type for child modules (#7941)
* feat(go): construct dependencies of `go.mod` main module in the parser (#7977)
* feat(go): construct dependencies in the parser (#7973)
* feat: add cvss v4 score and vector in scan response (#7968)
* docs: add `overview` page for `others` (#7972)
* fix(sbom): Fixes for Programming Language Vulnerabilities and SBOM Package Maintainer Details (#7871)
* feat(suse): Align SUSE/OpenSUSE OS Identifiers (#7965)
* chore(deps): bump the common group with 4 updates (#7949)
* feat(oracle): add `flavors` support (#7858)
* fix(misconf): Update trivy-checks default repo to `mirror.gcr.io` (#7953)
* chore(deps): Bump up trivy-checks to v1.3.0 (#7959)
* fix(k8s): check all results for vulnerabilities (#7946)
* ci(helm): bump Trivy version to 0.57.1 for Trivy Helm Chart 0.9.0 (#7945)
* feat(secret): Add built-in secrets rules for Private Packagist (#7826)
* docs: Fix broken links (#7900)
* docs: fix mistakes/typos (#7942)
* feat: Update registry fallbacks (#7679)
* fix(alpine): add `UID` for removed packages (#7887)
* chore(deps): bump the aws group with 6 updates (#7902)
* chore(deps): bump the common group with 6 updates (#7904)
* fix(debian): infinite loop (#7928)
* fix(redhat): don't return error if `root/buildinfo/content_manifests/` contains files that are not `contentSets` files (#7912)
* docs: add note about temporary podman socket (#7921)
* docs: combine trivy.dev into trivy docs (#7884)
* test: change branch in spdx schema link to check in integration tests (#7935)
* docs: add Headlamp to the Trivy Ecosystem page (#7916)
* fix(report): handle `git@github.com` schema for misconfigs in `sarif` report (#7898)
* chore(k8s): enhance k8s scan log (#6997)
* fix(terraform): set null value as fallback for missing variables (#7669)
* fix(misconf): handle null properties in CloudFormation templates (#7813)
* fix(fs): add missing defered Cleanup() call to post analyzer fs (#7882)
* chore(deps): bump the common group across 1 directory with 20 updates (#7876)
* chore: bump containerd to v2.0.0 (#7875)
* fix: Improve version comparisons when build identifiers are present (#7873)
* feat(k8s): add default commands for unknown platform (#7863)
* chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#7868)
* refactor(secret): optimize performance by moving ToLower operation outside loop (#7862)
* test: save `containerd` image into archive and use in tests (#7816)
* chore(deps): bump the github-actions group across 1 directory with 2 updates (#7854)
* chore: bump golangci-lint to v1.61.0 (#7853)
Update to version 0.57.1:
* feat: Update registry fallbacks [backport: release/v0.57] (#7944)
* fix(redhat): don't return error if `root/buildinfo/content_manifests/` contains files that are not `contentSets` files [backport: release/v0.57] (#7939)
* test: change branch in spdx schema link to check in integration tests [backport: release/v0.57] (#7940)
* release: v0.57.0 [main] (#7710)
* chore: lint `errors.Join` (#7845)
* feat(db): append errors (#7843)
* docs(java): add info about supported scopes (#7842)
* docs: add example of creating whitelist of checks (#7821)
* chore(deps): Bump trivy-checks (#7819)
* fix(go): Do not trim v prefix from versions in Go Mod Analyzer (#7733)
* fix(k8s): skip resources without misconfigs (#7797)
* fix(sbom): use `Annotation` instead of `AttributionTexts` for `SPDX` formats (#7811)
* fix(cli): add config name to skip-policy-update alias (#7820)
* fix(helm): properly handle multiple archived dependencies (#7782)
* refactor(misconf): Deprecate `EXCEPTIONS` for misconfiguration scanning (#7776)
* fix(k8s)!: support k8s multi container (#7444)
* fix(k8s): support kubernetes v1.31 (#7810)
* docs: add Windows install instructions (#7800)
* ci(helm): auto public Helm chart after PR merged (#7526)
* feat: add end of life date for Ubuntu 24.10 (#7787)
* feat(report): update gitlab template to populate operating_system value (#7735)
* feat(misconf): Show misconfig ID in output (#7762)
* feat(misconf): export unresolvable field of IaC types to Rego (#7765)
* refactor(k8s): scan config files as a folder (#7690)
* fix(license): fix license normalization for Universal Permissive License (#7766)
* fix: enable usestdlibvars linter (#7770)
* fix(misconf): properly expand dynamic blocks (#7612)
* feat(cyclonedx): add file checksums to `CycloneDX` reports (#7507)
* fix(misconf): fix for Azure Storage Account network acls adaptation (#7602)
* refactor(misconf): simplify k8s scanner (#7717)
* feat(parser): ignore white space in pom.xml files (#7747)
* test: use forked images (#7755)
* fix(java): correctly inherit `version` and `scope` from upper/root `depManagement` and `dependencies` into parents (#7541)
* fix(misconf): check if property is not nil before conversion (#7578)
* fix(misconf): change default ACL of digitalocean_spaces_bucket to private (#7577)
* feat(misconf): ssl_mode support for GCP SQL DB instance (#7564)
* test: define constants for test images (#7739)
* docs: add note about disabled DS016 check (#7724)
* feat(misconf): public network support for Azure Storage Account (#7601)
* feat(cli): rename `trivy auth` to `trivy registry` (#7727)
* docs: apt-transport-https is a transitional package (#7678)
* refactor(misconf): introduce generic scanner (#7515)
* fix(cli): `clean --all` deletes only relevant dirs (#7704)
* feat(cli): add `trivy auth` (#7664)
* fix(sbom): add options for DBs in private registries (#7660)
* docs(report): fix reporting doc format (#7671)
* fix(repo): `git clone` output to Stderr (#7561)
* fix(redhat): include arch in PURL qualifiers (#7654)
* fix(report): Fix invalid URI in SARIF report (#7645)
* docs(report): Improve SARIF reporting doc (#7655)
* fix(db): fix javadb downloading error handling (#7642)
* feat(cli): error out when ignore file cannot be found (#7624)
Update to version 0.56.2:
* fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (#7702)
* fix(sbom): add options for DBs in private registries [backport: release/v0.56] (#7691)
- Update to version 0.51.1 (bsc#1227010, CVE-2024-3817):
Patchnames
openSUSE-Leap-16.0-packagehub-33
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for trivy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for trivy fixes the following issues:\n\nChanges in trivy:\n\nUpdate to version 0.67.2 (bsc#1250625, CVE-2025-11065, bsc#1248897, CVE-2025-58058):\n\n * fix: Use `fetch-level: 1` to check out trivy-repo in the release workflow [backport: release/v0.67] (#9638)\n * fix: restore compatibility for google.protobuf.Value [backport: release/v0.67] (#9631)\n * fix: using SrcVersion instead of Version for echo detector [backport: release/v0.67] (#9629)\n * fix: add `buildInfo` for `BlobInfo` in `rpc` package [backport: release/v0.67] (#9615)\n * fix(vex): don\u0027t use reused BOM [backport: release/v0.67] (#9612)\n * fix(vex): don\u0027t suppress vulns for packages with infinity loop (#9465)\n * fix(aws): use `BuildableClient` insead of `xhttp.Client` (#9436)\n * refactor(misconf): replace github.com/liamg/memoryfs with internal mapfs and testing/fstest (#9282)\n * docs: clarify inline ignore limitations for resource-less checks (#9537)\n * fix(k8s): disable parallel traversal with fs cache for k8s images (#9534)\n * fix(misconf): handle tofu files in module detection (#9486)\n * feat(seal): add seal support (#9370)\n * docs: fix modules path and update code example (#9539)\n * fix: close file descriptors and pipes on error paths (#9536)\n * feat: add documentation URL for database lock errors (#9531)\n * fix(db): Dowload database when missing but metadata still exists (#9393)\n * feat(cloudformation): support default values and list results in Fn::FindInMap (#9515)\n * fix(misconf): unmark cty values before access (#9495)\n * feat(cli): change --list-all-pkgs default to true (#9510)\n * fix(nodejs): parse workspaces as objects for package-lock.json files (#9518)\n * refactor(fs): use underlyingPath to determine virtual files more reliably (#9302)\n * refactor: remove google/wire dependency and implement manual DI (#9509)\n * chore(deps): bump the aws group with 6 updates (#9481)\n * chore(deps): bump the common group across 1 directory with 24 updates (#9507)\n * fix(misconf): wrap legacy ENV values in quotes to preserve spaces (#9497)\n * docs: move info about `detection priority` into coverage section (#9469)\n * feat(sbom): added support for CoreOS (#9448)\n * fix(misconf): strip build metadata suffixes from image history (#9498)\n * feat(cyclonedx): preserve SBOM structure when scanning SBOM files with vulnerability updates (#9439)\n * docs: Fix typo in terraform docs (#9492)\n * feat(redhat): add os-release detection for RHEL-based images (#9458)\n * ci(deps): add 3-day cooldown period for Dependabot updates (#9475)\n * refactor: migrate from go-json-experiment to encoding/json/v2 (#9422)\n * fix(vuln): compare `nuget` package names in lower case (#9456)\n * chore: Update release flow to include chocolatey (#9460)\n * docs: document eol supportability (#9434)\n * docs(report): add nuanses about secret/license scanner in summary table (#9442)\n * ci: use environment variables in GitHub Actions for improved security (#9433)\n * chore: bump Go to 1.24.7 (#9435)\n * fix(nodejs): use snapshot string as `Package.ID` for pnpm packages (#9330)\n * ci(helm): bump Trivy version to 0.66.0 for Trivy Helm Chart 0.18.0 (#9425)\n\nUpdate to version 0.66.0 (bsc#1248937, CVE-2025-58058):\n\n * chore(deps): bump the aws group with 7 updates (#9419)\n * refactor(secret): clarify secret scanner messages (#9409)\n * fix(cyclonedx): handle multiple license types (#9378)\n * fix(repo): sanitize git repo URL before inserting into report metadata (#9391)\n * test: add HTTP basic authentication to git test server (#9407)\n * fix(sbom): add support for `file` component type of `CycloneDX` (#9372)\n * fix(misconf): ensure module source is known (#9404)\n * ci: migrate GitHub Actions from version tags to SHA pinning (#9405)\n * fix: create temp file under composite fs dir (#9387)\n * chore(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 (#9403)\n * refactor: switch to stable azcontainerregistry SDK package (#9319)\n * chore(deps): bump the common group with 7 updates (#9382)\n * refactor(misconf): migrate from custom Azure JSON parser (#9222)\n * fix(repo): preserve RepoMetadata on FS cache hit (#9389)\n * refactor(misconf): use atomic.Int32 (#9385)\n * chore(deps): bump the aws group with 6 updates (#9383)\n * docs: Fix broken link to \"Built-in Checks\" (#9375)\n * fix(plugin): don\u0027t remove plugins when updating index.yaml file (#9358)\n * fix: persistent flag option typo (#9374)\n * chore(deps): bump the common group across 1 directory with 26 updates (#9347)\n * fix(image): use standardized HTTP client for ECR authentication (#9322)\n * refactor: export `systemFileFiltering` Post Handler (#9359)\n * docs: update links to Semaphore pages (#9352)\n * fix(conda): memory leak by adding closure method for `package.json` file (#9349)\n * feat: add timeout handling for cache database operations (#9307)\n * fix(misconf): use correct field log_bucket instead of target_bucket in gcp bucket (#9296)\n * fix(misconf): ensure ignore rules respect subdirectory chart paths (#9324)\n * chore(deps): bump alpine from 3.21.4 to 3.22.1 (#9301)\n * feat(terraform): use .terraform cache for remote modules in plan scanning (#9277)\n * chore: fix some function names in comment (#9314)\n * chore(deps): bump the aws group with 7 updates (#9311)\n * docs: add explanation for how to use non-system certificates (#9081)\n * chore(deps): bump the github-actions group across 1 directory with 2 updates (#8962)\n * fix(misconf): preserve original paths of remote submodules from .terraform (#9294)\n * refactor(terraform): make Scan method of Terraform plan scanner private (#9272)\n * fix: suppress debug log for context cancellation errors (#9298)\n * feat(secret): implement streaming secret scanner with byte offset tracking (#9264)\n * fix(python): impove package name normalization (#9290)\n * feat(misconf): added audit config attribute (#9249)\n * refactor(misconf): decouple input fs and track extracted files with fs references (#9281)\n * test(misconf): remove BenchmarkCalculate using outdated check metadata (#9291)\n * refactor: simplify Detect function signature (#9280)\n * ci(helm): bump Trivy version to 0.65.0 for Trivy Helm Chart 0.17.0 (#9288)\n * fix(fs): avoid shadowing errors in file.glob (#9286)\n * test(misconf): move terraform scan tests to integration tests (#9271)\n * test(misconf): drop gcp iam test covered by another case (#9285)\n * chore(deps): bump to alpine from `3.21.3` to `3.21.4` (#9283)\n\nUpdate to version 0.65.0:\n\n * fix(cli): ensure correct command is picked by telemetry (#9260)\n * feat(flag): add schema validation for `--server` flag (#9270)\n * chore(deps): bump github.com/docker/docker from 28.3.2+incompatible to 28.3.3+incompatible (#9274)\n * ci: skip undefined labels in discussion triage action (#9175)\n * feat(repo): add git repository metadata to reports (#9252)\n * fix(license): handle WITH operator for `LaxSplitLicenses` (#9232)\n * chore: add modernize tool integration for code modernization (#9251)\n * fix(secret): add UTF-8 validation in secret scanner to prevent protobuf marshalling errors (#9253)\n * chore: implement process-safe temp file cleanup (#9241)\n * fix: prevent graceful shutdown message on normal exit (#9244)\n * fix(misconf): correctly parse empty port ranges in google_compute_firewall (#9237)\n * feat: add graceful shutdown with signal handling (#9242)\n * chore: update template URL for brew formula (#9221)\n * test: add end-to-end testing framework with image scan and proxy tests (#9231)\n * refactor(db): use `Getter` interface with `GetParams` for trivy-db sources (#9239)\n * ci: specify repository for `gh cache delete` in canary worklfow (#9240)\n * ci: remove invalid `--confirm` flag from `gh cache delete` command in canary builds (#9236)\n * fix(misconf): fix log bucket in schema (#9235)\n * chore(deps): bump the common group across 1 directory with 24 updates (#9228)\n * ci: move runner.os context from job-level env to step-level in canary workflow (#9233)\n * chore(deps): bump up Trivy-kubernetes to v0.9.1 (#9214)\n * feat(misconf): added logging and versioning to the gcp storage bucket (#9226)\n * fix(server): add HTTP transport setup to server mode (#9217)\n * chore: update the rpm download Update (#9202)\n * feat(alma): add AlmaLinux 10 support (#9207)\n * fix(nodejs): don\u0027t use prerelease logic for compare npm constraints (#9208)\n * fix(rootio): fix severity selection (#9181)\n * fix(sbom): merge in-graph and out-of-graph OS packages in scan results (#9194)\n * fix(cli): panic: attempt to get os.Args[1] when len(os.Args) \u003c 2 (#9206)\n * fix(misconf): correctly adapt azure storage account (#9138)\n * feat(misconf): add private ip google access attribute to subnetwork (#9199)\n * feat(report): add CVSS vectors in sarif report (#9157)\n * fix(terraform): `for_each` on a map returns a resource for every key (#9156)\n * fix: supporting .egg-info/METADATA in python.Packaging analyzer (#9151)\n * chore: migrate protoc setup from Docker to buf CLI (#9184)\n * ci: delete cache after artifacts upload in canary workflow (#9177)\n * refactor: remove aws flag helper message (#9080)\n * ci: use gh pr view to get PR number for forked repositories in auto-ready workflow (#9183)\n * ci: add auto-ready-for-review workflow (#9179)\n * feat(image): add Docker context resolution (#9166)\n * ci: optimize golangci-lint performance with cache-based strategy (#9173)\n * feat: add HTTP request/response tracing support (#9125)\n * fix(aws): update amazon linux 2 EOL date (#9176)\n * chore: Update release workflow to trigger version updates (#9162)\n * chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 (#9164)\n * fix: also check `filepath` when removing duplicate packages (#9142)\n * chore: add debug log to show image source location (#9163)\n * docs: add section on customizing default check data (#9114)\n * chore(deps): bump the common group across 1 directory with 9 updates (#9153)\n * docs: partners page content updates (#9149)\n * chore(license): add missed spdx exceptions: (#9147)\n * docs: trivy partners page updates (#9133)\n * fix: migrate from `*.list` to `*.md5sums` files for `dpkg` (#9131)\n * ci(helm): bump Trivy version to 0.64.1 for Trivy Helm Chart 0.16.1 (#9135)\n * feat(sbom): add SHA-512 hash support for CycloneDX SBOM (#9126)\n * fix(misconf): skip rewriting expr if attr is nil (#9113)\n * fix(license): add missed `GFDL-NIV-1.1` and `GFDL-NIV-1.2` into Trivy mapping (#9116)\n * fix(cli): Add more non-sensitive flags to telemetry (#9110)\n * fix(alma): parse epochs from rpmqa file (#9101)\n * fix(rootio): check full version to detect `root.io` packages (#9117)\n * chore: drop FreeBSD 32-bit support (#9102)\n * fix(sbom): use correct field for licenses in CycloneDX reports (#9057)\n * fix(secret): fix line numbers for multiple-line secrets (#9104)\n * feat(license): observe pkg types option in license scanner (#9091)\n * ci(helm): bump Trivy version to 0.64.0 for Trivy Helm Chart 0.16.0 (#9107)\n- (CVE-2025-53547, bsc#1246151)\n\n- Update to version 0.64.1 (bsc#1243633, CVE-2025-47291,\n (bsc#1246730, CVE-2025-46569):\n\n * fix(misconf): skip rewriting expr if attr is nil [backport: release/v0.64] (#9127)\n * fix(cli): Add more non-sensitive flags to telemetry [backport: release/v0.64] (#9124)\n * fix(rootio): check full version to detect `root.io` packages [backport: release/v0.64] (#9120)\n * fix(alma): parse epochs from rpmqa file [backport: release/v0.64] (#9119)\n * docs(python): fix type with METADATA file name (#9090)\n * feat: reject unsupported artifact types in remote image retrieval (#9052)\n * chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 (#9088)\n * refactor(misconf): rewrite Rego module filtering using functional filters (#9061)\n * feat(terraform): add partial evaluation for policy templates (#8967)\n * feat(vuln): add Root.io support for container image scanning (#9073)\n * feat(sbom): add manufacturer field to CycloneDX tools metadata (#9019)\n * fix(cli): add some values to the telemetry call (#9056)\n * feat(ubuntu): add end of life date for Ubuntu 25.04 (#9077)\n * refactor: centralize HTTP transport configuration (#9058)\n * test: include integration tests in linting and fix all issues (#9060)\n * chore(deps): bump the common group across 1 directory with 26 updates (#9063)\n * feat(java): dereference all maven settings.xml env placeholders (#9024)\n * fix(misconf): reduce log noise on incompatible check (#9029)\n * fix(misconf): .Config.User always takes precedence over USER in .History (#9050)\n * chore(deps): update Docker to v28.2.2 and fix compatibility issues (#9037)\n * docs(misconf): simplify misconfiguration docs (#9030)\n * fix(misconf): move disabled checks filtering after analyzer scan (#9002)\n * docs: add PR review policy for maintainers (#9032)\n * fix(sbom): remove unnecessary OS detection check in SBOM decoding (#9034)\n * test: improve and extend tests for iac/adapters/arm (#9028)\n * chore: bump up Go version to 1.24.4 (#9031)\n * feat(cli): add version constraints to annoucements (#9023)\n * fix(misconf): correct Azure value-to-time conversion in AsTimeValue (#9015)\n * feat(ubuntu): add eol date for 20.04-ESM (#8981)\n * fix(report): don\u0027t panic when report contains vulns, but doesn\u0027t contain packages for `table` format (#8549)\n * fix(nodejs): correctly parse `packages` array of `bun.lock` file (#8998)\n * refactor: use strings.SplitSeq instead of strings.Split in for-loop (#8983)\n * docs: change --disable-metrics to --disable-telemetry in example (#8999) (#9003)\n * feat(misconf): add OpenTofu file extension support (#8747)\n * refactor(misconf): set Trivy version by default in Rego scanner (#9001)\n * docs: fix assets with versioning (#8996)\n * docs: add partners page (#8988)\n * chore(alpine): add EOL date for Alpine 3.22 (#8992)\n * fix: don\u0027t show corrupted trivy-db warning for first run (#8991)\n * Update installation.md (#8979)\n * feat(misconf): normalize CreatedBy for buildah and legacy docker builder (#8953)\n * chore(k8s): update comments with deprecated command format (#8964)\n * chore: fix errors and typos in docs (#8963)\n * fix: Add missing version check flags (#8951)\n * feat(redhat): Add EOL date for RHEL 10. (#8910)\n * fix: Correctly check for semver versions for trivy version check (#8948)\n * refactor(server): change custom advisory and vulnerability data types fr\u2026 (#8923)\n * ci(helm): bump Trivy version to 0.63.0 for Trivy Helm Chart 0.15.0 (#8946)\n * fix(misconf): use argument value in WithIncludeDeprecatedChecks (#8942)\n * chore(deps): Bump trivy-checks (#8934)\n * fix(julia): add `Relationship` field support (#8939)\n * feat(minimos): Add support for MinimOS (#8792)\n * feat(alpine): add maintainer field extraction for APK packages (#8930)\n * feat(echo): Add Echo Support (#8833)\n * fix(redhat): Also try to find buildinfo in root layer (layer 0) (#8924)\n * fix(wolfi): support new APK database location (#8937)\n * feat(k8s): get components from namespaced resources (#8918)\n * refactor(cloudformation): remove unused ScanFile method from Scanner (#8927)\n * refactor(terraform): remove result sorting from scanner (#8928)\n * feat(misconf): Add support for `Minimum Trivy Version` (#8880)\n * docs: improve skipping files documentation (#8749)\n * feat(cli): Add available version checking (#8553)\n * feat(nodejs): add a bun.lock analyzer (#8897)\n * feat: terraform parser option to set current working directory (#8909)\n * perf(secret): only match secrets of meaningful length, allow example strings to not be matched (#8602)\n * feat(misconf): export raw Terraform data to Rego (#8741)\n * refactor(terraform): simplify AllReferences method signature in Attribute (#8906)\n * fix: check post-analyzers for StaticPaths (#8904)\n * feat: add Bottlerocket OS package analyzer (#8653)\n * feat(license): improve work text licenses with custom classification (#8888)\n * chore(deps): bump github.com/containerd/containerd/v2 from 2.1.0 to 2.1.1 (#8901)\n * chore(deps): bump the common group across 1 directory with 9 updates (#8887)\n * refactor(license): simplify compound license scanning (#8896)\n * feat(license): Support compound licenses (licenses using SPDX operators) (#8816)\n * fix(k8s): use in-memory cache backend during misconfig scanning (#8873)\n * feat(nodejs): add bun.lock parser (#8851)\n * feat(license): improve work with custom classification of licenses from config file (#8861)\n * fix(cli): disable `--skip-dir` and `--skip-files` flags for `sbom` command (#8886)\n * fix: julia parser panicing (#8883)\n * refactor(db): change logic to detect wrong DB (#8864)\n * fix(cli): don\u0027t use allow values for `--compliance` flag (#8881)\n * docs(misconf): Reorganize misconfiguration scan pages (#8206)\n * fix(server): add missed Relationship field for `rpc` (#8872)\n * feat: add JSONC support for comments and trailing commas (#8862)\n * fix(vex): use `lo.IsNil` to check `VEX` from OCI artifact (#8858)\n * feat(go): support license scanning in both GOPATH and vendor (#8843)\n * fix(redhat): save contentSets for OS packages in fs/vm modes (#8820)\n * fix: filter all files when processing files installed from package managers (#8842)\n * feat(misconf): add misconfiguration location to junit template (#8793)\n * docs(vuln): remove OSV for Python from data sources (#8841)\n * chore: add an issue template for maintainers (#8838)\n * chore: enable staticcheck (#8815)\n * ci(helm): bump Trivy version to 0.62.1 for Trivy Helm Chart 0.14.1 (#8836)\n * feat(license): scan vendor directory for license for go.mod files (#8689)\n * docs(java): Update info about dev deps in gradle lock (#8830)\n * chore(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 in the common group (#8822)\n * fix(java): exclude dev dependencies in gradle lockfile (#8803)\n * fix: octalLiteral from go-critic (#8811)\n * fix(redhat): trim invalid suffix from content_sets in manifest parsing (#8818)\n * chore(deps): bump the common group across 1 directory with 10 updates (#8817)\n * fix: use-any from revive (#8810)\n * fix: more revive rules (#8814)\n * docs: change in java.md: fix the Trity -to-\u003e Trivy typo (#8813)\n * fix(misconf): check if for-each is known when expanding dyn block (#8808)\n * ci(helm): bump Trivy version to 0.62.0 for Trivy Helm Chart 0.14.0 (#8802)\n\n- Update to version 0.62.1 (bsc#1239225, CVE-2025-22868,\n bsc#1241724, CVE-2025-22872):\n\n * chore(deps): bump the common group across 1 directory with 10 updates [backport: release/v0.62] (#8831)\n * fix(misconf): check if for-each is known when expanding dyn block [backport: release/v0.62] (#8826)\n * fix(redhat): trim invalid suffix from content_sets in manifest parsing [backport: release/v0.62] (#8824)\n * feat(nodejs): add root and workspace for `yarn` packages (#8535)\n * fix: unused-parameter rule from revive (#8794)\n * chore(deps): Update trivy-checks (#8798)\n * fix: early-return, indent-error-flow and superfluous-else rules from revive (#8796)\n * fix(k8s): remove using `last-applied-configuration` (#8791)\n * refactor(misconf): remove unused methods from providers (#8781)\n * refactor(misconf): remove unused methods from iac types (#8782)\n * fix(misconf): filter null nodes when parsing json manifest (#8785)\n * fix: testifylint last issues (#8768)\n * fix(misconf): perform operations on attribute safely (#8774)\n * refactor(ubuntu): update time handling for fixing time (#8780)\n * chore(deps): bump golangci-lint to v2.1.2 (#8766)\n * feat(image): save layers metadata into report (#8394)\n * feat(misconf): convert AWS managed policy to document (#8757)\n * chore(deps): bump the docker group across 1 directory with 3 updates (#8762)\n * ci(helm): bump Trivy version to 0.61.1 for Trivy Helm Chart 0.13.1 (#8753)\n * ci(helm): create a helm branch for patches from main (#8673)\n * fix(terraform): hcl object expressions to return references (#8271)\n * chore(terraform): option to pass in instanced logger (#8738)\n * ci: use `Skitionek/notify-microsoft-teams` instead of `aquasecurity` fork (#8740)\n * chore(terraform): remove os.OpenPath call from terraform file functions (#8737)\n * chore(deps): bump the common group across 1 directory with 23 updates (#8733)\n * feat(rust): add root and workspace relationships/package for `cargo` lock files (#8676)\n * refactor(misconf): remove module outputs from parser.EvaluateAll (#8587)\n * fix(misconf): populate context correctly for module instances (#8656)\n * fix(misconf): check if metadata is not nil (#8647)\n * refactor(misconf): switch to x/json (#8719)\n * fix(report): clean buffer after flushing (#8725)\n * ci: improve PR title validation workflow (#8720)\n * refactor(flag): improve flag system architecture and extensibility (#8718)\n * fix(terraform): `evaluateStep` to correctly set `EvalContext` for multiple instances of blocks (#8555)\n * refactor: migrate from `github.com/aquasecurity/jfather` to `github.com/go-json-experiment/json` (#8591)\n * feat(misconf): support auto_provisioning_defaults in google_container_cluster (#8705)\n * ci: use `github.event.pull_request.user.login` for release PR check workflow (#8702)\n * refactor: add hook interface for extended functionality (#8585)\n * fix(misconf): add missing variable as unknown (#8683)\n * docs: Update maintainer docs (#8674)\n * ci(vuln): reduce github action script injection attack risk (#8610)\n * fix(secret): ignore .dist-info directories during secret scanning (#8646)\n * fix(server): fix redis key when trying to delete blob (#8649)\n * chore(deps): bump the testcontainers group with 2 updates (#8650)\n * test: use `aquasecurity` repository for test images (#8677)\n * chore(deps): bump the aws group across 1 directory with 5 updates (#8652)\n * fix(k8s): skip passed misconfigs for the summary report (#8684)\n * fix(k8s): correct compare artifact versions (#8682)\n * chore: update Docker lib (#8681)\n * refactor(misconf): remove unused terraform attribute methods (#8657)\n * feat(misconf): add option to pass Rego scanner to IaC scanner (#8369)\n * chore: typo fix to replace `rego` with `repo` on the RepoFlagGroup options error output (#8643)\n * docs: Add info about helm charts release (#8640)\n * ci(helm): bump Trivy version to 0.61.0 for Trivy Helm Chart 0.13.0 (#8638)\n\nUpdate to version 0.61.1 (bsc#1239385, CVE-2025-22869, bsc#1240466, CVE-2025-30204):\n\n * fix(k8s): skip passed misconfigs for the summary report [backport: release/v0.61] (#8748)\n * fix(k8s): correct compare artifact versions [backport: release/v0.61] (#8699)\n * test: use `aquasecurity` repository for test images [backport: release/v0.61] (#8698)\n * fix(misconf): Improve logging for unsupported checks (#8634)\n * feat(k8s): add support for controllers (#8614)\n * fix(debian): don\u0027t include empty licenses for `dpkgs` (#8623)\n * fix(misconf): Check values wholly prior to evalution (#8604)\n * chore(deps): Bump trivy-checks (#8619)\n * fix(k8s): show report for `--report all` (#8613)\n * chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (#8597)\n * refactor: rename scanner to service (#8584)\n * fix(misconf): do not skip loading documents from subdirectories (#8526)\n * refactor(misconf): get a block or attribute without calling HasChild (#8586)\n * fix(misconf): identify the chart file exactly by name (#8590)\n * test: use table-driven tests in Helm scanner tests (#8592)\n * refactor(misconf): Simplify misconfig checks bundle parsing (#8533)\n * chore(deps): bump the common group across 1 directory with 10 updates (#8566)\n * fix(misconf): do not use cty.NilVal for non-nil values (#8567)\n * docs(cli): improve flag value display format (#8560)\n * fix(misconf): set default values for AWS::EKS::Cluster.ResourcesVpcConfig (#8548)\n * docs: remove slack (#8565)\n * fix: use `--file-patterns` flag for all post analyzers (#7365)\n * docs(python): Mention pip-compile (#8484)\n * feat(misconf): adapt aws_opensearch_domain (#8550)\n * feat(misconf): adapt AWS::EC2::VPC (#8534)\n * docs: fix a broken link (#8546)\n * fix(fs): check postAnalyzers for StaticPaths (#8543)\n * refactor(misconf): remove unused methods for ec2.Instance (#8536)\n * feat(misconf): adapt aws_default_security_group (#8538)\n * feat(fs): optimize scanning performance by direct file access for known paths (#8525)\n * feat(misconf): adapt AWS::DynamoDB::Table (#8529)\n * style: Fix MD syntax in self-hosting.md (#8523)\n * perf(misconf): retrieve check metadata from annotations once (#8478)\n * feat(misconf): Add support for aws_ami (#8499)\n * fix(misconf): skip Azure CreateUiDefinition (#8503)\n * refactor(misconf): use OPA v1 (#8518)\n * fix(misconf): add ephemeral block type to config schema (#8513)\n * perf(misconf): parse input for Rego once (#8483)\n * feat: replace TinyGo with standard Go for WebAssembly modules (#8496)\n * chore: replace deprecated tenv linter with usetesting (#8504)\n * fix(spdx): save text licenses into `otherLicenses` without normalize (#8502)\n * chore(deps): bump the common group across 1 directory with 13 updates (#8491)\n * chore: use go.mod for managing Go tools (#8493)\n * ci(helm): bump Trivy version to 0.60.0 for Trivy Helm Chart 0.12.0 (#8494)\n * fix(sbom): improve logic for binding direct dependency to parent component (#8489)\n * chore(deps): remove missed replace of `trivy-db` (#8492)\n * chore(deps): bump alpine from 3.21.0 to 3.21.3 in the docker group across 1 directory (#8490)\n * chore(deps): update Go to 1.24 and switch to go-version-file (#8388)\n * docs: add abbreviation list (#8453)\n * chore(terraform): assign *terraform.Module \u0027parent\u0027 field (#8444)\n * feat: add report summary table (#8177)\n * chore(deps): bump the github-actions group with 3 updates (#8473)\n * refactor(vex): improve SBOM reference handling with project standards (#8457)\n * ci: update GitHub Actions cache to v4 (#8475)\n * feat: add `--vuln-severity-source` flag (#8269)\n * fix(os): add mapping OS aliases (#8466)\n * chore(deps): bump the aws group across 1 directory with 7 updates (#8468)\n * chore(deps): Bump trivy-checks to v1.7.1 (#8467)\n * refactor(report): write tables after rendering all results (#8357)\n * docs: update VEX documentation index page (#8458)\n * fix(db): fix case when 2 trivy-db were copied at the same time (#8452)\n * feat(misconf): render causes for Terraform (#8360)\n * fix(misconf): fix incorrect k8s locations due to JSON to YAML conversion (#8073)\n * feat(cyclonedx): Add initial support for loading external VEX files from SBOM references (#8254)\n * chore(deps): update go-rustaudit location (#8450)\n * fix: update all documentation links (#8045)\n * chore(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#8443)\n * chore(deps): bump the common group with 6 updates (#8411)\n * fix(k8s): add missed option `PkgRelationships` (#8442)\n * fix(sbom): add SBOM file\u0027s filePath as Application FilePath if we can\u0027t detect its path (#8346)\n * feat(go): fix parsing main module version for go \u003e= 1.24 (#8433)\n * refactor(misconf): make Rego scanner independent of config type (#7517)\n * fix(image): disable AVD-DS-0007 for history scanning (#8366)\n * fix(server): secrets inspectation for the config analyzer in client server mode (#8418)\n * chore: remove mockery (#8417)\n * test(server): replace mock driver with memory cache in server tests (#8416)\n * test: replace mock with memory cache and fix non-deterministic tests (#8410)\n * test: replace mock with memory cache in scanner tests (#8413)\n * test: use memory cache (#8403)\n * fix(spdx): init `pkgFilePaths` map for all formats (#8380)\n * chore(deps): bump the common group across 1 directory with 11 updates (#8381)\n * docs: correct Ruby documentation (#8402)\n * chore: bump `mockery` to update v2.52.2 version and rebuild mock files (#8390)\n * fix: don\u0027t use `scope` for `trivy registry login` command (#8393)\n * fix(go): merge nested flags into string for ldflags for Go binaries (#8368)\n * chore(terraform): export module path on terraform modules (#8374)\n * fix(terraform): apply parser options to submodule parsing (#8377)\n * docs: Fix typos in documentation (#8361)\n * docs: fix navigate links (#8336)\n * ci(helm): bump Trivy version to 0.59.1 for Trivy Helm Chart 0.11.1 (#8354)\n * ci(spdx): add `aqua-installer` step to fix `mage` error (#8353)\n * chore: remove debug prints (#8347)\n * fix(misconf): do not log scanners when misconfig scanning is disabled (#8345)\n * fix(report): remove html escaping for `shortDescription` and `fullDescription` fields for sarif reports (#8344)\n * chore(deps): bump Go to `v1.23.5` (#8341)\n * fix(python): add `poetry` v2 support (#8323)\n * chore(deps): bump the github-actions group across 1 directory with 4 updates (#8331)\n * fix(misconf): ecs include enhanced for container insights (#8326)\n * fix(sbom): preserve OS packages from multiple SBOMs (#8325)\n * ci(helm): bump Trivy version to 0.59.0 for Trivy Helm Chart 0.11.0 (#8311)\n * (bsc#1237618, CVE-2025-27144)\n\nUpdate to version 0.59.1:\n\n * fix(misconf): do not log scanners when misconfig scanning is disabled [backport: release/v0.59] (#8349)\n * chore(deps): bump Go to `v1.23.5` [backport: release/v0.59] (#8343)\n * fix(python): add `poetry` v2 support [backport: release/v0.59] (#8335)\n * fix(sbom): preserve OS packages from multiple SBOMs [backport: release/v0.59] (#8333)\n\nUpdate to version 0.59.0:\n\n * feat(image): return error early if total size of layers exceeds limit (#8294)\n * chore(deps): Bump trivy-checks (#8310)\n * chore(terraform): add accessors to underlying raw hcl values (#8306)\n * fix: improve conversion of image config to Dockerfile (#8308)\n * docs: replace short codes with Unicode emojis (#8296)\n * feat(k8s): improve artifact selections for specific namespaces (#8248)\n * chore: update code owners (#8303)\n * fix(misconf): handle heredocs in dockerfile instructions (#8284)\n * fix: de-duplicate same `dpkg` packages with different filePaths from different layers (#8298)\n * chore(deps): bump the aws group with 7 updates (#8299)\n * chore(deps): bump the common group with 12 updates (#8301)\n * chore: enable int-conversion from perfsprint (#8194)\n * feat(fs): use git commit hash as cache key for clean repositories (#8278)\n * fix(spdx): use the `hasExtractedLicensingInfos` field for licenses that are not listed in the SPDX (#8077)\n * chore: use require.ErrorContains when possible (#8291)\n * feat(image): prevent scanning oversized container images (#8178)\n * chore(deps): use aqua forks for `github.com/liamg/jfather` and `github.com/liamg/iamgo` (#8289)\n * fix(fs): fix cache key generation to use UUID (#8275)\n * fix(misconf): correctly handle all YAML tags in K8S templates (#8259)\n * feat: add support for registry mirrors (#8244)\n * chore(deps): bump the common group across 1 directory with 29 updates (#8261)\n * refactor(license): improve license expression normalization (#8257)\n * feat(misconf): support for ignoring by inline comments for Dockerfile (#8115)\n * feat: add a examples field to check metadata (#8068)\n * chore(deps): bump alpine from 3.20.0 to 3.21.0 in the docker group across 1 directory (#8196)\n * ci: add workflow to restrict direct PRs to release branches (#8240)\n * fix(suse): SUSE - update OSType constants and references for compatility (#8236)\n * ci: fix path to main dir for canary builds (#8231)\n * chore(secret): add reported issues related to secrets in junit template (#8193)\n * refactor: use trivy-checks/pkg/specs package (#8226)\n * ci(helm): bump Trivy version to 0.58.1 for Trivy Helm Chart 0.10.0 (#8170)\n * fix(misconf): allow null values only for tf variables (#8112)\n * feat(misconf): support for ignoring by inline comments for Helm (#8138)\n * fix(redhat): check `usr/share/buildinfo/` dir to detect content sets (#8222)\n * chore(alpine): add EOL date for Alpine 3.21 (#8221)\n * fix: CVE-2025-21613 and CVE-2025-21614 : go-git: argument injection via the URL field (#8207)\n * fix(misconf): disable git terminal prompt on tf module load (#8026)\n * chore: remove aws iam related scripts (#8179)\n * docs: Updated JSON schema version 2 in the trivy documentation (#8188)\n * refactor(python): use once + debug for `License acquired from METADATA...` logs (#8175)\n * refactor: use slices package instead of custom function (#8172)\n * chore(deps): bump the common group with 6 updates (#8162)\n * feat(python): add support for uv dev and optional dependencies (#8134)\n * feat(python): add support for poetry dev dependencies (#8152)\n * fix(sbom): attach nested packages to Application (#8144)\n * docs(vex): use debian minor version in examples (#8166)\n * refactor: add generic Set implementation (#8149)\n * chore(deps): bump the aws group across 1 directory with 6 updates (#8163)\n * fix(python): skip dev group\u0027s deps for poetry (#8106)\n * fix(sbom): use root package for `unknown` dependencies (if exists) (#8104)\n * chore(deps): bump `golang.org/x/net` from `v0.32.0` to `v0.33.0` (#8140)\n * chore(vex): suppress CVE-2024-45338 (#8137)\n * feat(python): add support for uv (#8080)\n * chore(deps): bump the docker group across 1 directory with 3 updates (#8127)\n * chore(deps): bump the common group across 1 directory with 14 updates (#8126)\n * chore: bump go to 1.23.4 (#8123)\n * test: set dummy value for NUGET_PACKAGES (#8107)\n * chore(deps): bump `github.com/CycloneDX/cyclonedx-go` from `v0.9.1` to `v0.9.2` (#8105)\n * chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#8103)\n * fix: wasm module test (#8099)\n * fix: CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass (#8088)\n * chore(vex): suppress CVE-2024-45337 (#8101)\n * fix(license): always trim leading and trailing spaces for licenses (#8095)\n * fix(sbom): scan results of SBOMs generated from container images are missing layers (#7635)\n * fix(redhat): correct rewriting of recommendations for the same vulnerability (#8063)\n * fix: enable err-error and errorf rules from perfsprint linter (#7859)\n * chore(deps): bump the aws group across 1 directory with 6 updates (#8074)\n * perf: avoid heap allocation in applier findPackage (#7883)\n * fix: Updated twitter icon (#7772)\n * docs(k8s): add a note about multi-container pods (#7815)\n * feat: add `--distro` flag to manually specify OS distribution for vulnerability scanning (#8070)\n * fix(oracle): add architectures support for advisories (#4809)\n * fix: handle `BLOW_UNKNOWN` error to download DBs (#8060)\n * feat(misconf): generate placeholders for random provider resources (#8051)\n * fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type (#8052)\n * fix(flag): skip hidden flags for `--generate-default-config` command (#8046)\n * fix(java): correctly overwrite version from depManagement if dependency uses `project.*` props (#8050)\n * feat(nodejs): respect peer dependencies for dependency tree (#7989)\n * ci(helm): bump Trivy version to 0.58.0 for Trivy Helm Chart 0.10.0 (#8038)\n * fix: respect GITHUB_TOKEN to download artifacts from GHCR (#7580)\n * chore(deps): bump github.com/moby/buildkit from 0.17.2 to 0.18.0 in the docker group (#8029)\n * fix(misconf): use log instead of fmt for logging (#8033)\n * docs: add commercial content (#8030)\n\n- Update to version 0.58.2 (\n bsc#1234512, CVE-2024-45337,\n bsc#1235265, CVE-2024-45338,\n bsc#1232948, CVE-2024-51744):\n\n * fix(misconf): allow null values only for tf variables [backport: release/v0.58] (#8238)\n * fix(suse): SUSE - update OSType constants and references for compatility [backport: release/v0.58] (#8237)\n * fix: CVE-2025-21613 and CVE-2025-21614 : go-git: argument injection via the URL field [backport: release/v0.58] (#8215)\n * fix(sbom): attach nested packages to Application [backport: release/v0.58] (#8168)\n * fix(python): skip dev group\u0027s deps for poetry [backport: release/v0.58] (#8158)\n * fix(sbom): use root package for `unknown` dependencies (if exists) [backport: release/v0.58] (#8156)\n * chore(deps): bump `golang.org/x/net` from `v0.32.0` to `v0.33.0` [backport: release/v0.58] (#8142)\n * chore(deps): bump `github.com/CycloneDX/cyclonedx-go` from `v0.9.1` to `v0.9.2` [backport: release/v0.58] (#8136)\n * fix(redhat): correct rewriting of recommendations for the same vulnerability [backport: release/v0.58] (#8135)\n * fix(oracle): add architectures support for advisories [backport: release/v0.58] (#8125)\n * fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type [backport: release/v0.58] (#8124)\n * chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 [backport: release/v0.58] (#8122)\n * fix: handle `BLOW_UNKNOWN` error to download DBs [backport: release/v0.58] (#8121)\n * fix(java): correctly overwrite version from depManagement if dependency uses `project.*` props [backport: release/v0.58] (#8119)\n * fix(misconf): wrap AWS EnvVar to iac types (#7407)\n * chore(deps): Upgrade trivy-checks (#8018)\n * refactor(misconf): Remove unused options (#7896)\n * docs: add terminology page to explain Trivy concepts (#7996)\n * feat: add `workspaceRelationship` (#7889)\n * refactor(sbom): simplify relationship generation (#7985)\n * chore: remove Go checks (#7907)\n * docs: improve databases documentation (#7732)\n * refactor: remove support for custom Terraform checks (#7901)\n * docs: fix dead links (#7998)\n * docs: drop AWS account scanning (#7997)\n * fix(aws): change CPU and Memory type of ContainerDefinition to a string (#7995)\n * fix(cli): Handle empty ignore files more gracefully (#7962)\n * fix(misconf): load full Terraform module (#7925)\n * fix(misconf): properly resolve local Terraform cache (#7983)\n * refactor(k8s): add v prefix for Go packages (#7839)\n * test: replace Go checks with Rego (#7867)\n * feat(misconf): log causes of HCL file parsing errors (#7634)\n * chore(deps): bump the aws group across 1 directory with 7 updates (#7991)\n * chore(deps): bump github.com/moby/buildkit from 0.17.0 to 0.17.2 in the docker group across 1 directory (#7990)\n * chore(deps): update csaf module dependency from csaf-poc to gocsaf (#7992)\n * chore: downgrade the failed block expand message to debug (#7964)\n * fix(misconf): do not erase variable type for child modules (#7941)\n * feat(go): construct dependencies of `go.mod` main module in the parser (#7977)\n * feat(go): construct dependencies in the parser (#7973)\n * feat: add cvss v4 score and vector in scan response (#7968)\n * docs: add `overview` page for `others` (#7972)\n * fix(sbom): Fixes for Programming Language Vulnerabilities and SBOM Package Maintainer Details (#7871)\n * feat(suse): Align SUSE/OpenSUSE OS Identifiers (#7965)\n * chore(deps): bump the common group with 4 updates (#7949)\n * feat(oracle): add `flavors` support (#7858)\n * fix(misconf): Update trivy-checks default repo to `mirror.gcr.io` (#7953)\n * chore(deps): Bump up trivy-checks to v1.3.0 (#7959)\n * fix(k8s): check all results for vulnerabilities (#7946)\n * ci(helm): bump Trivy version to 0.57.1 for Trivy Helm Chart 0.9.0 (#7945)\n * feat(secret): Add built-in secrets rules for Private Packagist (#7826)\n * docs: Fix broken links (#7900)\n * docs: fix mistakes/typos (#7942)\n * feat: Update registry fallbacks (#7679)\n * fix(alpine): add `UID` for removed packages (#7887)\n * chore(deps): bump the aws group with 6 updates (#7902)\n * chore(deps): bump the common group with 6 updates (#7904)\n * fix(debian): infinite loop (#7928)\n * fix(redhat): don\u0027t return error if `root/buildinfo/content_manifests/` contains files that are not `contentSets` files (#7912)\n * docs: add note about temporary podman socket (#7921)\n * docs: combine trivy.dev into trivy docs (#7884)\n * test: change branch in spdx schema link to check in integration tests (#7935)\n * docs: add Headlamp to the Trivy Ecosystem page (#7916)\n * fix(report): handle `git@github.com` schema for misconfigs in `sarif` report (#7898)\n * chore(k8s): enhance k8s scan log (#6997)\n * fix(terraform): set null value as fallback for missing variables (#7669)\n * fix(misconf): handle null properties in CloudFormation templates (#7813)\n * fix(fs): add missing defered Cleanup() call to post analyzer fs (#7882)\n * chore(deps): bump the common group across 1 directory with 20 updates (#7876)\n * chore: bump containerd to v2.0.0 (#7875)\n * fix: Improve version comparisons when build identifiers are present (#7873)\n * feat(k8s): add default commands for unknown platform (#7863)\n * chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#7868)\n * refactor(secret): optimize performance by moving ToLower operation outside loop (#7862)\n * test: save `containerd` image into archive and use in tests (#7816)\n * chore(deps): bump the github-actions group across 1 directory with 2 updates (#7854)\n * chore: bump golangci-lint to v1.61.0 (#7853)\n\nUpdate to version 0.57.1:\n\n * feat: Update registry fallbacks [backport: release/v0.57] (#7944)\n * fix(redhat): don\u0027t return error if `root/buildinfo/content_manifests/` contains files that are not `contentSets` files [backport: release/v0.57] (#7939)\n * test: change branch in spdx schema link to check in integration tests [backport: release/v0.57] (#7940)\n * release: v0.57.0 [main] (#7710)\n * chore: lint `errors.Join` (#7845)\n * feat(db): append errors (#7843)\n * docs(java): add info about supported scopes (#7842)\n * docs: add example of creating whitelist of checks (#7821)\n * chore(deps): Bump trivy-checks (#7819)\n * fix(go): Do not trim v prefix from versions in Go Mod Analyzer (#7733)\n * fix(k8s): skip resources without misconfigs (#7797)\n * fix(sbom): use `Annotation` instead of `AttributionTexts` for `SPDX` formats (#7811)\n * fix(cli): add config name to skip-policy-update alias (#7820)\n * fix(helm): properly handle multiple archived dependencies (#7782)\n * refactor(misconf): Deprecate `EXCEPTIONS` for misconfiguration scanning (#7776)\n * fix(k8s)!: support k8s multi container (#7444)\n * fix(k8s): support kubernetes v1.31 (#7810)\n * docs: add Windows install instructions (#7800)\n * ci(helm): auto public Helm chart after PR merged (#7526)\n * feat: add end of life date for Ubuntu 24.10 (#7787)\n * feat(report): update gitlab template to populate operating_system value (#7735)\n * feat(misconf): Show misconfig ID in output (#7762)\n * feat(misconf): export unresolvable field of IaC types to Rego (#7765)\n * refactor(k8s): scan config files as a folder (#7690)\n * fix(license): fix license normalization for Universal Permissive License (#7766)\n * fix: enable usestdlibvars linter (#7770)\n * fix(misconf): properly expand dynamic blocks (#7612)\n * feat(cyclonedx): add file checksums to `CycloneDX` reports (#7507)\n * fix(misconf): fix for Azure Storage Account network acls adaptation (#7602)\n * refactor(misconf): simplify k8s scanner (#7717)\n * feat(parser): ignore white space in pom.xml files (#7747)\n * test: use forked images (#7755)\n * fix(java): correctly inherit `version` and `scope` from upper/root `depManagement` and `dependencies` into parents (#7541)\n * fix(misconf): check if property is not nil before conversion (#7578)\n * fix(misconf): change default ACL of digitalocean_spaces_bucket to private (#7577)\n * feat(misconf): ssl_mode support for GCP SQL DB instance (#7564)\n * test: define constants for test images (#7739)\n * docs: add note about disabled DS016 check (#7724)\n * feat(misconf): public network support for Azure Storage Account (#7601)\n * feat(cli): rename `trivy auth` to `trivy registry` (#7727)\n * docs: apt-transport-https is a transitional package (#7678)\n * refactor(misconf): introduce generic scanner (#7515)\n * fix(cli): `clean --all` deletes only relevant dirs (#7704)\n * feat(cli): add `trivy auth` (#7664)\n * fix(sbom): add options for DBs in private registries (#7660)\n * docs(report): fix reporting doc format (#7671)\n * fix(repo): `git clone` output to Stderr (#7561)\n * fix(redhat): include arch in PURL qualifiers (#7654)\n * fix(report): Fix invalid URI in SARIF report (#7645)\n * docs(report): Improve SARIF reporting doc (#7655)\n * fix(db): fix javadb downloading error handling (#7642)\n * feat(cli): error out when ignore file cannot be found (#7624)\n\nUpdate to version 0.56.2:\n\n * fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (#7702)\n * fix(sbom): add options for DBs in private registries [backport: release/v0.56] (#7691)\n\n- Update to version 0.51.1 (bsc#1227010, CVE-2024-3817):\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-33",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025-20117-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1227010",
"url": "https://bugzilla.suse.com/1227010"
},
{
"category": "self",
"summary": "SUSE Bug 1232948",
"url": "https://bugzilla.suse.com/1232948"
},
{
"category": "self",
"summary": "SUSE Bug 1234512",
"url": "https://bugzilla.suse.com/1234512"
},
{
"category": "self",
"summary": "SUSE Bug 1235265",
"url": "https://bugzilla.suse.com/1235265"
},
{
"category": "self",
"summary": "SUSE Bug 1237618",
"url": "https://bugzilla.suse.com/1237618"
},
{
"category": "self",
"summary": "SUSE Bug 1239225",
"url": "https://bugzilla.suse.com/1239225"
},
{
"category": "self",
"summary": "SUSE Bug 1239385",
"url": "https://bugzilla.suse.com/1239385"
},
{
"category": "self",
"summary": "SUSE Bug 1240466",
"url": "https://bugzilla.suse.com/1240466"
},
{
"category": "self",
"summary": "SUSE Bug 1241724",
"url": "https://bugzilla.suse.com/1241724"
},
{
"category": "self",
"summary": "SUSE Bug 1243633",
"url": "https://bugzilla.suse.com/1243633"
},
{
"category": "self",
"summary": "SUSE Bug 1246151",
"url": "https://bugzilla.suse.com/1246151"
},
{
"category": "self",
"summary": "SUSE Bug 1246730",
"url": "https://bugzilla.suse.com/1246730"
},
{
"category": "self",
"summary": "SUSE Bug 1248897",
"url": "https://bugzilla.suse.com/1248897"
},
{
"category": "self",
"summary": "SUSE Bug 1248937",
"url": "https://bugzilla.suse.com/1248937"
},
{
"category": "self",
"summary": "SUSE Bug 1250625",
"url": "https://bugzilla.suse.com/1250625"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-3817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-3817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45337 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-51744 page",
"url": "https://www.suse.com/security/cve/CVE-2024-51744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21613 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21614 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-46569 page",
"url": "https://www.suse.com/security/cve/CVE-2025-46569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47291 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53547 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58058/"
}
],
"title": "Security update for trivy",
"tracking": {
"current_release_date": "2025-11-27T12:27:44Z",
"generator": {
"date": "2025-11-27T12:27:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025-20117-1",
"initial_release_date": "2025-11-27T12:27:44Z",
"revision_history": [
{
"date": "2025-11-27T12:27:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.66.0-bp160.1.1.aarch64",
"product": {
"name": "trivy-0.66.0-bp160.1.1.aarch64",
"product_id": "trivy-0.66.0-bp160.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.66.0-bp160.1.1.ppc64le",
"product": {
"name": "trivy-0.66.0-bp160.1.1.ppc64le",
"product_id": "trivy-0.66.0-bp160.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.66.0-bp160.1.1.s390x",
"product": {
"name": "trivy-0.66.0-bp160.1.1.s390x",
"product_id": "trivy-0.66.0-bp160.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.66.0-bp160.1.1.x86_64",
"product": {
"name": "trivy-0.66.0-bp160.1.1.x86_64",
"product_id": "trivy-0.66.0-bp160.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.66.0-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64"
},
"product_reference": "trivy-0.66.0-bp160.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.66.0-bp160.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le"
},
"product_reference": "trivy-0.66.0-bp160.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.66.0-bp160.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x"
},
"product_reference": "trivy-0.66.0-bp160.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.66.0-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
},
"product_reference": "trivy-0.66.0-bp160.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-3817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-3817"
}
],
"notes": [
{
"category": "general",
"text": "HashiCorp\u0027s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. \n\nThis vulnerability does not affect the go-getter/v2 branch and package.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-3817",
"url": "https://www.suse.com/security/cve/CVE-2024-3817"
},
{
"category": "external",
"summary": "SUSE Bug 1226999 for CVE-2024-3817",
"url": "https://bugzilla.suse.com/1226999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "moderate"
}
],
"title": "CVE-2024-3817"
},
{
"cve": "CVE-2024-45337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45337"
}
],
"notes": [
{
"category": "general",
"text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45337",
"url": "https://www.suse.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "SUSE Bug 1234482 for CVE-2024-45337",
"url": "https://bugzilla.suse.com/1234482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2024-45337"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "moderate"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2024-51744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-51744"
}
],
"notes": [
{
"category": "general",
"text": "golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they will ignore the embedded `jwt.ErrTokenSignatureInvalid` and thus potentially accept invalid tokens. A fix has been back-ported with the error handling logic from the `v5` branch to the `v4` branch. In this logic, the `ParseWithClaims` function will immediately return in \"dangerous\" situations (e.g., an invalid signature), limiting the combined errors only to situations where the signature is valid, but further validation failed (e.g., if the signature is valid, but is expired AND has the wrong audience). This fix is part of the 4.5.1 release. We are aware that this changes the behaviour of an established function and is not 100 % backwards compatible, so updating to 4.5.1 might break your code. In case you cannot update to 4.5.0, please make sure that you are properly checking for all errors (\"dangerous\" ones first), so that you are not running in the case detailed above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-51744",
"url": "https://www.suse.com/security/cve/CVE-2024-51744"
},
{
"category": "external",
"summary": "SUSE Bug 1232936 for CVE-2024-51744",
"url": "https://bugzilla.suse.com/1232936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "moderate"
}
],
"title": "CVE-2024-51744"
},
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-21613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21613"
}
],
"notes": [
{
"category": "general",
"text": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21613",
"url": "https://www.suse.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "SUSE Bug 1235572 for CVE-2025-21613",
"url": "https://bugzilla.suse.com/1235572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-21613"
},
{
"cve": "CVE-2025-21614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21614"
}
],
"notes": [
{
"category": "general",
"text": "go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Users running versions of go-git from v4 and above are recommended to upgrade to v5.13 in order to mitigate this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21614",
"url": "https://www.suse.com/security/cve/CVE-2025-21614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-21614"
},
{
"cve": "CVE-2025-22868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22868"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22868",
"url": "https://www.suse.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "SUSE Bug 1239185 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239185"
},
{
"category": "external",
"summary": "SUSE Bug 1239186 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
},
{
"cve": "CVE-2025-30204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30204"
}
],
"notes": [
{
"category": "general",
"text": "golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30204",
"url": "https://www.suse.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "SUSE Bug 1240441 for CVE-2025-30204",
"url": "https://bugzilla.suse.com/1240441"
},
{
"category": "external",
"summary": "SUSE Bug 1240442 for CVE-2025-30204",
"url": "https://bugzilla.suse.com/1240442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-30204"
},
{
"cve": "CVE-2025-46569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-46569"
}
],
"notes": [
{
"category": "general",
"text": "Open Policy Agent (OPA) is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a single data document reference is constructed from the requested path. This query is then used for policy evaluation. A HTTP request path can be crafted in a way that injects Rego code into the constructed query. The evaluation result cannot be made to return any other data than what is generated by the requested path, but this path can be misdirected, and the injected Rego code can be crafted to make the query succeed or fail; opening up for oracle attacks or, given the right circumstances, erroneous policy decision results. Furthermore, the injected code can be crafted to be computationally expensive, resulting in a Denial Of Service (DoS) attack. This issue has been patched in version 1.4.0. A workaround involves having network access to OPA\u0027s RESTful APIs being limited to `localhost` and/or trusted networks, unless necessary for production reasons.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-46569",
"url": "https://www.suse.com/security/cve/CVE-2025-46569"
},
{
"category": "external",
"summary": "SUSE Bug 1246710 for CVE-2025-46569",
"url": "https://bugzilla.suse.com/1246710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-46569"
},
{
"cve": "CVE-2025-47291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47291"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. A bug was found in the containerd\u0027s CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn\u0027t put usernamespaced containers under the Kubernetes\u0027 cgroup hierarchy, therefore some Kubernetes limits are not honored. This may cause a denial of service of the Kubernetes node. This bug has been fixed in containerd 2.0.5+ and 2.1.0+. Users should update to these versions to resolve the issue. As a workaround, disable usernamespaced pods in Kubernetes temporarily.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47291",
"url": "https://www.suse.com/security/cve/CVE-2025-47291"
},
{
"category": "external",
"summary": "SUSE Bug 1243632 for CVE-2025-47291",
"url": "https://bugzilla.suse.com/1243632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "moderate"
}
],
"title": "CVE-2025-47291"
},
{
"cve": "CVE-2025-53547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53547"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53547",
"url": "https://www.suse.com/security/cve/CVE-2025-53547"
},
{
"category": "external",
"summary": "SUSE Bug 1246150 for CVE-2025-53547",
"url": "https://bugzilla.suse.com/1246150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-53547"
},
{
"cve": "CVE-2025-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58058"
}
],
"notes": [
{
"category": "general",
"text": "xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current implementation allocates the full decoding buffer directly after reading the header. The LZMA header doesn\u0027t include a magic number or has a checksum to detect such an issue according to the specification. Note that the code recognizes the issue later while reading the stream, but at this time the memory allocation has already been done. This issue has been patched in version 0.5.14.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58058",
"url": "https://www.suse.com/security/cve/CVE-2025-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1248889 for CVE-2025-58058",
"url": "https://bugzilla.suse.com/1248889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.66.0-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:27:44Z",
"details": "moderate"
}
],
"title": "CVE-2025-58058"
}
]
}
OPENSUSE-SU-2025:15455-1
Vulnerability from csaf_opensuse - Published: 2025-08-15 00:00 - Updated: 2025-08-15 00:00Summary
trivy-0.65.0-1.1 on GA media
Notes
Title of the patch
trivy-0.65.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the trivy-0.65.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15455
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "trivy-0.65.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the trivy-0.65.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15455",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15455-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47291 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47291/"
}
],
"title": "trivy-0.65.0-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-15T00:00:00Z",
"generator": {
"date": "2025-08-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15455-1",
"initial_release_date": "2025-08-15T00:00:00Z",
"revision_history": [
{
"date": "2025-08-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.65.0-1.1.aarch64",
"product": {
"name": "trivy-0.65.0-1.1.aarch64",
"product_id": "trivy-0.65.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.65.0-1.1.ppc64le",
"product": {
"name": "trivy-0.65.0-1.1.ppc64le",
"product_id": "trivy-0.65.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.65.0-1.1.s390x",
"product": {
"name": "trivy-0.65.0-1.1.s390x",
"product_id": "trivy-0.65.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.65.0-1.1.x86_64",
"product": {
"name": "trivy-0.65.0-1.1.x86_64",
"product_id": "trivy-0.65.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.65.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64"
},
"product_reference": "trivy-0.65.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.65.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le"
},
"product_reference": "trivy-0.65.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.65.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x"
},
"product_reference": "trivy-0.65.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.65.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
},
"product_reference": "trivy-0.65.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22868"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22868",
"url": "https://www.suse.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "SUSE Bug 1239185 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239185"
},
{
"category": "external",
"summary": "SUSE Bug 1239186 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-30204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30204"
}
],
"notes": [
{
"category": "general",
"text": "golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30204",
"url": "https://www.suse.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "SUSE Bug 1240441 for CVE-2025-30204",
"url": "https://bugzilla.suse.com/1240441"
},
{
"category": "external",
"summary": "SUSE Bug 1240442 for CVE-2025-30204",
"url": "https://bugzilla.suse.com/1240442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-30204"
},
{
"cve": "CVE-2025-47291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47291"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. A bug was found in the containerd\u0027s CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn\u0027t put usernamespaced containers under the Kubernetes\u0027 cgroup hierarchy, therefore some Kubernetes limits are not honored. This may cause a denial of service of the Kubernetes node. This bug has been fixed in containerd 2.0.5+ and 2.1.0+. Users should update to these versions to resolve the issue. As a workaround, disable usernamespaced pods in Kubernetes temporarily.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47291",
"url": "https://www.suse.com/security/cve/CVE-2025-47291"
},
{
"category": "external",
"summary": "SUSE Bug 1243632 for CVE-2025-47291",
"url": "https://bugzilla.suse.com/1243632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47291"
}
]
}
OPENSUSE-SU-2025:15008-1
Vulnerability from csaf_opensuse - Published: 2025-04-17 00:00 - Updated: 2025-04-17 00:00Summary
govulncheck-vulndb-0.0.20250416T165455-1.1 on GA media
Notes
Title of the patch
govulncheck-vulndb-0.0.20250416T165455-1.1 on GA media
Description of the patch
These are all security issues fixed in the govulncheck-vulndb-0.0.20250416T165455-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15008
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "govulncheck-vulndb-0.0.20250416T165455-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250416T165455-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15008",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15008-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "govulncheck-vulndb-0.0.20250416T165455-1.1 on GA media",
"tracking": {
"current_release_date": "2025-04-17T00:00:00Z",
"generator": {
"date": "2025-04-17T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15008-1",
"initial_release_date": "2025-04-17T00:00:00Z",
"revision_history": [
{
"date": "2025-04-17T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64",
"product": {
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64",
"product_id": "govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le",
"product": {
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le",
"product_id": "govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.s390x",
"product": {
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.s390x",
"product_id": "govulncheck-vulndb-0.0.20250416T165455-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64",
"product": {
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64",
"product_id": "govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64"
},
"product_reference": "govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le"
},
"product_reference": "govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.s390x"
},
"product_reference": "govulncheck-vulndb-0.0.20250416T165455-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64"
},
"product_reference": "govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250416T165455-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15047-1
Vulnerability from csaf_opensuse - Published: 2025-05-02 00:00 - Updated: 2025-05-02 00:00Summary
hauler-1.2.4-1.1 on GA media
Notes
Title of the patch
hauler-1.2.4-1.1 on GA media
Description of the patch
These are all security issues fixed in the hauler-1.2.4-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15047
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "hauler-1.2.4-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the hauler-1.2.4-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15047",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15047-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "hauler-1.2.4-1.1 on GA media",
"tracking": {
"current_release_date": "2025-05-02T00:00:00Z",
"generator": {
"date": "2025-05-02T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15047-1",
"initial_release_date": "2025-05-02T00:00:00Z",
"revision_history": [
{
"date": "2025-05-02T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "hauler-1.2.4-1.1.aarch64",
"product": {
"name": "hauler-1.2.4-1.1.aarch64",
"product_id": "hauler-1.2.4-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "hauler-1.2.4-1.1.ppc64le",
"product": {
"name": "hauler-1.2.4-1.1.ppc64le",
"product_id": "hauler-1.2.4-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "hauler-1.2.4-1.1.s390x",
"product": {
"name": "hauler-1.2.4-1.1.s390x",
"product_id": "hauler-1.2.4-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "hauler-1.2.4-1.1.x86_64",
"product": {
"name": "hauler-1.2.4-1.1.x86_64",
"product_id": "hauler-1.2.4-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hauler-1.2.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:hauler-1.2.4-1.1.aarch64"
},
"product_reference": "hauler-1.2.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hauler-1.2.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:hauler-1.2.4-1.1.ppc64le"
},
"product_reference": "hauler-1.2.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hauler-1.2.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:hauler-1.2.4-1.1.s390x"
},
"product_reference": "hauler-1.2.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hauler-1.2.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:hauler-1.2.4-1.1.x86_64"
},
"product_reference": "hauler-1.2.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:hauler-1.2.4-1.1.aarch64",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.ppc64le",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.s390x",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:hauler-1.2.4-1.1.aarch64",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.ppc64le",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.s390x",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:hauler-1.2.4-1.1.aarch64",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.ppc64le",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.s390x",
"openSUSE Tumbleweed:hauler-1.2.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15034-1
Vulnerability from csaf_opensuse - Published: 2025-04-26 00:00 - Updated: 2025-04-26 00:00Summary
subfinder-2.7.0-3.1 on GA media
Notes
Title of the patch
subfinder-2.7.0-3.1 on GA media
Description of the patch
These are all security issues fixed in the subfinder-2.7.0-3.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15034
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "subfinder-2.7.0-3.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the subfinder-2.7.0-3.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15034",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15034-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:15034-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IJN6I53PLG7NO5USQWWJUIVQTZDQDRHC/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:15034-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IJN6I53PLG7NO5USQWWJUIVQTZDQDRHC/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "subfinder-2.7.0-3.1 on GA media",
"tracking": {
"current_release_date": "2025-04-26T00:00:00Z",
"generator": {
"date": "2025-04-26T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15034-1",
"initial_release_date": "2025-04-26T00:00:00Z",
"revision_history": [
{
"date": "2025-04-26T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "subfinder-2.7.0-3.1.aarch64",
"product": {
"name": "subfinder-2.7.0-3.1.aarch64",
"product_id": "subfinder-2.7.0-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "subfinder-2.7.0-3.1.ppc64le",
"product": {
"name": "subfinder-2.7.0-3.1.ppc64le",
"product_id": "subfinder-2.7.0-3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "subfinder-2.7.0-3.1.s390x",
"product": {
"name": "subfinder-2.7.0-3.1.s390x",
"product_id": "subfinder-2.7.0-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "subfinder-2.7.0-3.1.x86_64",
"product": {
"name": "subfinder-2.7.0-3.1.x86_64",
"product_id": "subfinder-2.7.0-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "subfinder-2.7.0-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subfinder-2.7.0-3.1.aarch64"
},
"product_reference": "subfinder-2.7.0-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subfinder-2.7.0-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subfinder-2.7.0-3.1.ppc64le"
},
"product_reference": "subfinder-2.7.0-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subfinder-2.7.0-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subfinder-2.7.0-3.1.s390x"
},
"product_reference": "subfinder-2.7.0-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subfinder-2.7.0-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:subfinder-2.7.0-3.1.x86_64"
},
"product_reference": "subfinder-2.7.0-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.aarch64",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.ppc64le",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.s390x",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.aarch64",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.ppc64le",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.s390x",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.aarch64",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.ppc64le",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.s390x",
"openSUSE Tumbleweed:subfinder-2.7.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-26T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15228-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
helm-3.18.3-1.1 on GA media
Notes
Title of the patch
helm-3.18.3-1.1 on GA media
Description of the patch
These are all security issues fixed in the helm-3.18.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15228
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "helm-3.18.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the helm-3.18.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15228",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15228-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "helm-3.18.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15228-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-1.1.aarch64",
"product": {
"name": "helm-3.18.3-1.1.aarch64",
"product_id": "helm-3.18.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-1.1.aarch64",
"product": {
"name": "helm-bash-completion-3.18.3-1.1.aarch64",
"product_id": "helm-bash-completion-3.18.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-1.1.aarch64",
"product": {
"name": "helm-fish-completion-3.18.3-1.1.aarch64",
"product_id": "helm-fish-completion-3.18.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-1.1.aarch64",
"product": {
"name": "helm-zsh-completion-3.18.3-1.1.aarch64",
"product_id": "helm-zsh-completion-3.18.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-1.1.ppc64le",
"product": {
"name": "helm-3.18.3-1.1.ppc64le",
"product_id": "helm-3.18.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-1.1.ppc64le",
"product": {
"name": "helm-bash-completion-3.18.3-1.1.ppc64le",
"product_id": "helm-bash-completion-3.18.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-1.1.ppc64le",
"product": {
"name": "helm-fish-completion-3.18.3-1.1.ppc64le",
"product_id": "helm-fish-completion-3.18.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-1.1.ppc64le",
"product": {
"name": "helm-zsh-completion-3.18.3-1.1.ppc64le",
"product_id": "helm-zsh-completion-3.18.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-1.1.s390x",
"product": {
"name": "helm-3.18.3-1.1.s390x",
"product_id": "helm-3.18.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-1.1.s390x",
"product": {
"name": "helm-bash-completion-3.18.3-1.1.s390x",
"product_id": "helm-bash-completion-3.18.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-1.1.s390x",
"product": {
"name": "helm-fish-completion-3.18.3-1.1.s390x",
"product_id": "helm-fish-completion-3.18.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-1.1.s390x",
"product": {
"name": "helm-zsh-completion-3.18.3-1.1.s390x",
"product_id": "helm-zsh-completion-3.18.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-1.1.x86_64",
"product": {
"name": "helm-3.18.3-1.1.x86_64",
"product_id": "helm-3.18.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-1.1.x86_64",
"product": {
"name": "helm-bash-completion-3.18.3-1.1.x86_64",
"product_id": "helm-bash-completion-3.18.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-1.1.x86_64",
"product": {
"name": "helm-fish-completion-3.18.3-1.1.x86_64",
"product_id": "helm-fish-completion-3.18.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-1.1.x86_64",
"product": {
"name": "helm-zsh-completion-3.18.3-1.1.x86_64",
"product_id": "helm-zsh-completion-3.18.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64"
},
"product_reference": "helm-3.18.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le"
},
"product_reference": "helm-3.18.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.18.3-1.1.s390x"
},
"product_reference": "helm-3.18.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64"
},
"product_reference": "helm-3.18.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64"
},
"product_reference": "helm-bash-completion-3.18.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le"
},
"product_reference": "helm-bash-completion-3.18.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x"
},
"product_reference": "helm-bash-completion-3.18.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64"
},
"product_reference": "helm-bash-completion-3.18.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64"
},
"product_reference": "helm-fish-completion-3.18.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le"
},
"product_reference": "helm-fish-completion-3.18.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x"
},
"product_reference": "helm-fish-completion-3.18.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64"
},
"product_reference": "helm-fish-completion-3.18.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64"
},
"product_reference": "helm-zsh-completion-3.18.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le"
},
"product_reference": "helm-zsh-completion-3.18.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x"
},
"product_reference": "helm-zsh-completion-3.18.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64"
},
"product_reference": "helm-zsh-completion-3.18.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:01941-1
Vulnerability from csaf_suse - Published: 2025-06-13 07:20 - Updated: 2025-06-13 07:20Summary
Security update for kubernetes1.24
Notes
Title of the patch
Security update for kubernetes1.24
Description of the patch
This update for kubernetes1.24 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-1941,openSUSE-SLE-15.6-2025-1941
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.24",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.24 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1941,openSUSE-SLE-15.6-2025-1941",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01941-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01941-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501941-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01941-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040274.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.24",
"tracking": {
"current_release_date": "2025-06-13T07:20:55Z",
"generator": {
"date": "2025-06-13T07:20:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01941-1",
"initial_release_date": "2025-06-13T07:20:55Z",
"revision_history": [
{
"date": "2025-06-13T07:20:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64",
"product": {
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64",
"product_id": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch",
"product": {
"name": "kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch",
"product_id": "kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch",
"product": {
"name": "kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch",
"product_id": "kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le",
"product": {
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le",
"product_id": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-client-1.24.17-150500.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x",
"product": {
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x",
"product_id": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64",
"product": {
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64",
"product_id": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-client-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch"
},
"product_reference": "kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch"
},
"product_reference": "kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64"
},
"product_reference": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le"
},
"product_reference": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x"
},
"product_reference": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64"
},
"product_reference": "kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-apiserver-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-client-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-bash-completion-1.24.17-150500.3.28.1.noarch",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-client-common-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-client-fish-completion-1.24.17-150500.3.28.1.noarch",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-controller-manager-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubeadm-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-kubelet-common-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-proxy-1.24.17-150500.3.28.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.s390x",
"openSUSE Leap 15.6:kubernetes1.24-scheduler-1.24.17-150500.3.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T07:20:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02383-2
Vulnerability from csaf_suse - Published: 2025-08-14 13:03 - Updated: 2025-08-14 13:03Summary
Security update for kubernetes1.26
Notes
Title of the patch
Security update for kubernetes1.26
Description of the patch
This update for kubernetes1.26 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-2383,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2383,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2383,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2383,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2383,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2383,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2383,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2383,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2383
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.26",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.26 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2383,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2383,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2383,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2383,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2383,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2383,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2383,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2383,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2383",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02383-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02383-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502383-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02383-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041216.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229008",
"url": "https://bugzilla.suse.com/1229008"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE Bug 1245087",
"url": "https://bugzilla.suse.com/1245087"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.26",
"tracking": {
"current_release_date": "2025-08-14T13:03:07Z",
"generator": {
"date": "2025-08-14T13:03:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02383-2",
"initial_release_date": "2025-08-14T13:03:07Z",
"revision_history": [
{
"date": "2025-08-14T13:03:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch",
"product": {
"name": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch",
"product_id": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch",
"product": {
"name": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch",
"product_id": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-14T13:03:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02289-1
Vulnerability from csaf_suse - Published: 2025-07-11 11:12 - Updated: 2025-07-11 11:12Summary
Security update for docker
Notes
Title of the patch
Security update for docker
Description of the patch
This update for docker fixes the following issues:
Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):
- CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials
allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765)
- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).
Other fixes:
- Update to docker-buildx v0.22.0.
- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).
- Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534)
- Now that the only blocker for docker-buildx support was removed for SLE-16,
enable docker-buildx for SLE-16 as well. (jsc#PED-8905)
- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).
Patchnames
SUSE-2025-2289,SUSE-SLE-Micro-5.3-2025-2289,SUSE-SLE-Micro-5.4-2025-2289,SUSE-SLE-Micro-5.5-2025-2289,SUSE-SLE-Module-Basesystem-15-SP7-2025-2289,SUSE-SLE-Module-Containers-15-SP6-2025-2289,SUSE-SLE-Module-Containers-15-SP7-2025-2289,SUSE-SUSE-MicroOS-5.1-2025-2289,SUSE-SUSE-MicroOS-5.2-2025-2289,openSUSE-SLE-15.6-2025-2289
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\nUpdate to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):\n\n- CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials \n allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765)\n- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).\n\nOther fixes: \n \n- Update to docker-buildx v0.22.0.\n- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).\n- Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534)\n- Now that the only blocker for docker-buildx support was removed for SLE-16,\n enable docker-buildx for SLE-16 as well. (jsc#PED-8905)\n- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2289,SUSE-SLE-Micro-5.3-2025-2289,SUSE-SLE-Micro-5.4-2025-2289,SUSE-SLE-Micro-5.5-2025-2289,SUSE-SLE-Module-Basesystem-15-SP7-2025-2289,SUSE-SLE-Module-Containers-15-SP6-2025-2289,SUSE-SLE-Module-Containers-15-SP7-2025-2289,SUSE-SUSE-MicroOS-5.1-2025-2289,SUSE-SUSE-MicroOS-5.2-2025-2289,openSUSE-SLE-15.6-2025-2289",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02289-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02289-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502289-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02289-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040684.html"
},
{
"category": "self",
"summary": "SUSE Bug 1239765",
"url": "https://bugzilla.suse.com/1239765"
},
{
"category": "self",
"summary": "SUSE Bug 1240150",
"url": "https://bugzilla.suse.com/1240150"
},
{
"category": "self",
"summary": "SUSE Bug 1241830",
"url": "https://bugzilla.suse.com/1241830"
},
{
"category": "self",
"summary": "SUSE Bug 1242114",
"url": "https://bugzilla.suse.com/1242114"
},
{
"category": "self",
"summary": "SUSE Bug 1243833",
"url": "https://bugzilla.suse.com/1243833"
},
{
"category": "self",
"summary": "SUSE Bug 1244035",
"url": "https://bugzilla.suse.com/1244035"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0495 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-07-11T11:12:49Z",
"generator": {
"date": "2025-07-11T11:12:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02289-1",
"initial_release_date": "2025-07-11T11:12:49Z",
"revision_history": [
{
"date": "2025-07-11T11:12:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.aarch64",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64",
"product_id": "docker-28.2.2_ce-150000.227.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.i586",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.i586",
"product_id": "docker-28.2.2_ce-150000.227.1.i586"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.i586",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.i586",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"product": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"product_id": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"product": {
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"product_id": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"product": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"product_id": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"product": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"product_id": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"product": {
"name": "docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"product_id": "docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"product": {
"name": "docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"product_id": "docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"product": {
"name": "docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"product_id": "docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.2.2_ce-150000.227.1.noarch",
"product": {
"name": "docker-zsh-completion-28.2.2_ce-150000.227.1.noarch",
"product_id": "docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.ppc64le",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le",
"product_id": "docker-28.2.2_ce-150000.227.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.s390x",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.s390x",
"product_id": "docker-28.2.2_ce-150000.227.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.x86_64",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64",
"product_id": "docker-28.2.2_ce-150000.227.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.s390x"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.s390x"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-fish-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.s390x"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.2.2_ce-150000.227.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-zsh-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0495"
}
],
"notes": [
{
"category": "general",
"text": "Buildx is a Docker CLI plugin that extends build capabilities using BuildKit.\n\nCache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry traces as part of the arguments and flags for the traced CLI command. OpenTelemetry traces are also saved in BuildKit daemon\u0027s history records.\n\n\nThis vulnerability does not impact secrets passed to the Github cache backend via environment variables or registry authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.aarch64",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.ppc64le",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.s390x",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"openSUSE Leap 15.6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0495",
"url": "https://www.suse.com/security/cve/CVE-2025-0495"
},
{
"category": "external",
"summary": "SUSE Bug 1239765 for CVE-2025-0495",
"url": "https://bugzilla.suse.com/1239765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.aarch64",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.ppc64le",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.s390x",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"openSUSE Leap 15.6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.aarch64",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.ppc64le",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.s390x",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"openSUSE Leap 15.6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T11:12:49Z",
"details": "moderate"
}
],
"title": "CVE-2025-0495"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.aarch64",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.ppc64le",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.s390x",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"openSUSE Leap 15.6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.aarch64",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.ppc64le",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.s390x",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"openSUSE Leap 15.6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.aarch64",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.ppc64le",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.s390x",
"openSUSE Leap 15.6:docker-28.2.2_ce-150000.227.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"openSUSE Leap 15.6:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"openSUSE Leap 15.6:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T11:12:49Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02423-2
Vulnerability from csaf_suse - Published: 2025-08-13 00:10 - Updated: 2025-08-13 00:10Summary
Security update for kubernetes1.23
Notes
Title of the patch
Security update for kubernetes1.23
Description of the patch
This update for kubernetes1.23 fixes the following issues:
- CVE-2021-25743: Escape terminal special characters in kubectl output (bsc#1194400).
- CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement (bsc#1212493).
- CVE-2024-0793: Advance autoscaling v2 as the preferred API version (bsc#1219964).
- CVE-2024-3177: Prevent bypassing mountable secrets policy imposed by the ServiceAccount admission plugin (bsc#1222539).
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-2423,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2423,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2423,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2423,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2423,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2423,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2423,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2423,SUSE-Storage-7.1-2025-2423
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.23",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.23 fixes the following issues:\n\n- CVE-2021-25743: Escape terminal special characters in kubectl output (bsc#1194400).\n- CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement (bsc#1212493).\n- CVE-2024-0793: Advance autoscaling v2 as the preferred API version (bsc#1219964).\n- CVE-2024-3177: Prevent bypassing mountable secrets policy imposed by the ServiceAccount admission plugin (bsc#1222539). \n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2423,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2423,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2423,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2423,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2423,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2423,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2423,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2423,SUSE-Storage-7.1-2025-2423",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02423-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02423-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502423-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02423-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041192.html"
},
{
"category": "self",
"summary": "SUSE Bug 1194400",
"url": "https://bugzilla.suse.com/1194400"
},
{
"category": "self",
"summary": "SUSE Bug 1212493",
"url": "https://bugzilla.suse.com/1212493"
},
{
"category": "self",
"summary": "SUSE Bug 1219964",
"url": "https://bugzilla.suse.com/1219964"
},
{
"category": "self",
"summary": "SUSE Bug 1222539",
"url": "https://bugzilla.suse.com/1222539"
},
{
"category": "self",
"summary": "SUSE Bug 1229008",
"url": "https://bugzilla.suse.com/1229008"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25743 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2431 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0793 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-3177 page",
"url": "https://www.suse.com/security/cve/CVE-2024-3177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.23",
"tracking": {
"current_release_date": "2025-08-13T00:10:52Z",
"generator": {
"date": "2025-08-13T00:10:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02423-2",
"initial_release_date": "2025-08-13T00:10:52Z",
"revision_history": [
{
"date": "2025-08-13T00:10:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.aarch64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.aarch64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.12.1.noarch",
"product": {
"name": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.12.1.noarch",
"product_id": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.12.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.12.1.noarch",
"product": {
"name": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.12.1.noarch",
"product_id": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.ppc64le",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.ppc64le",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.12.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.s390x",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.s390x",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.x86_64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.x86_64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-25743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25743"
}
],
"notes": [
{
"category": "general",
"text": "kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25743",
"url": "https://www.suse.com/security/cve/CVE-2021-25743"
},
{
"category": "external",
"summary": "SUSE Bug 1194400 for CVE-2021-25743",
"url": "https://bugzilla.suse.com/1194400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-13T00:10:52Z",
"details": "moderate"
}
],
"title": "CVE-2021-25743"
},
{
"cve": "CVE-2023-2431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2431"
}
],
"notes": [
{
"category": "general",
"text": "A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2431",
"url": "https://www.suse.com/security/cve/CVE-2023-2431"
},
{
"category": "external",
"summary": "SUSE Bug 1212493 for CVE-2023-2431",
"url": "https://bugzilla.suse.com/1212493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-13T00:10:52Z",
"details": "low"
}
],
"title": "CVE-2023-2431"
},
{
"cve": "CVE-2024-0793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0793"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0793",
"url": "https://www.suse.com/security/cve/CVE-2024-0793"
},
{
"category": "external",
"summary": "SUSE Bug 1219964 for CVE-2024-0793",
"url": "https://bugzilla.suse.com/1219964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-13T00:10:52Z",
"details": "moderate"
}
],
"title": "CVE-2024-0793"
},
{
"cve": "CVE-2024-3177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-3177"
}
],
"notes": [
{
"category": "general",
"text": "A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account\u0027s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-3177",
"url": "https://www.suse.com/security/cve/CVE-2024-3177"
},
{
"category": "external",
"summary": "SUSE Bug 1222539 for CVE-2024-3177",
"url": "https://bugzilla.suse.com/1222539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-13T00:10:52Z",
"details": "moderate"
}
],
"title": "CVE-2024-3177"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-13T00:10:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:20535-1
Vulnerability from csaf_suse - Published: 2025-07-29 14:02 - Updated: 2025-07-29 14:02Summary
Security update for docker
Notes
Title of the patch
Security update for docker
Description of the patch
This update for docker fixes the following issues:
- Update to Go 1.24 for builds, to match upstream.
- Update to Docker 28.3.2-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2832>
- Update to Docker 28.3.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2831>
- Update to Docker 28.3.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2830>
bsc#1246556
- Update to docker-buildx v0.25.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.25.0>
- CVE-2025-22872: golang.org/x/net/html: Fixed incorrectly interpreted tags
causing content to be placed wrong scope during DOM construction (bsc#1241830)
- Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as
Docker does not have permission to access the host zypper credentials in this
mode (and unprivileged users cannot disable the feature using
/etc/docker/suse-secrets-enable.) bsc#1240150
- Always clear SUSEConnect suse_* secrets when starting containers regardless
of whether the daemon was built with SUSEConnect support. Not doing this
causes containers from SUSEConnect-enabled daemons to fail to start when
running with SUSEConnect-disabled (i.e. upstream) daemons.
This was a long-standing issue with our secrets support but until recently
this would've required migrating from SLE packages to openSUSE packages
(which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move
away from in-built SUSEConnect support, this is now a practical issue users
will run into. bsc#1244035
Patchnames
SUSE-SLE-Micro-6.1-195
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\n- Update to Go 1.24 for builds, to match upstream.\n\n- Update to Docker 28.3.2-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2832\u003e\n\n- Update to Docker 28.3.1-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2831\u003e\n\n- Update to Docker 28.3.0-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2830\u003e\n bsc#1246556\n\n- Update to docker-buildx v0.25.0. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.25.0\u003e\n\n- CVE-2025-22872: golang.org/x/net/html: Fixed incorrectly interpreted tags \n causing content to be placed wrong scope during DOM construction (bsc#1241830) \n\n- Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as\n Docker does not have permission to access the host zypper credentials in this\n mode (and unprivileged users cannot disable the feature using\n /etc/docker/suse-secrets-enable.) bsc#1240150\n\n- Always clear SUSEConnect suse_* secrets when starting containers regardless\n of whether the daemon was built with SUSEConnect support. Not doing this\n causes containers from SUSEConnect-enabled daemons to fail to start when\n running with SUSEConnect-disabled (i.e. upstream) daemons.\n\n This was a long-standing issue with our secrets support but until recently\n this would\u0027ve required migrating from SLE packages to openSUSE packages\n (which wasn\u0027t supported). However, as SLE Micro 6.x and SLES 16 will move\n away from in-built SUSEConnect support, this is now a practical issue users\n will run into. bsc#1244035\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-195",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20535-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20535-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520535-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20535-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041119.html"
},
{
"category": "self",
"summary": "SUSE Bug 1240150",
"url": "https://bugzilla.suse.com/1240150"
},
{
"category": "self",
"summary": "SUSE Bug 1241830",
"url": "https://bugzilla.suse.com/1241830"
},
{
"category": "self",
"summary": "SUSE Bug 1242114",
"url": "https://bugzilla.suse.com/1242114"
},
{
"category": "self",
"summary": "SUSE Bug 1243833",
"url": "https://bugzilla.suse.com/1243833"
},
{
"category": "self",
"summary": "SUSE Bug 1244035",
"url": "https://bugzilla.suse.com/1244035"
},
{
"category": "self",
"summary": "SUSE Bug 1246556",
"url": "https://bugzilla.suse.com/1246556"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-07-29T14:02:30Z",
"generator": {
"date": "2025-07-29T14:02:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20535-1",
"initial_release_date": "2025-07-29T14:02:30Z",
"revision_history": [
{
"date": "2025-07-29T14:02:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.2_ce-slfo.1.1_5.1.aarch64",
"product": {
"name": "docker-28.3.2_ce-slfo.1.1_5.1.aarch64",
"product_id": "docker-28.3.2_ce-slfo.1.1_5.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.aarch64",
"product": {
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.aarch64",
"product_id": "docker-buildx-0.25.0-slfo.1.1_5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.2_ce-slfo.1.1_5.1.ppc64le",
"product": {
"name": "docker-28.3.2_ce-slfo.1.1_5.1.ppc64le",
"product_id": "docker-28.3.2_ce-slfo.1.1_5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le",
"product": {
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le",
"product_id": "docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.2_ce-slfo.1.1_5.1.s390x",
"product": {
"name": "docker-28.3.2_ce-slfo.1.1_5.1.s390x",
"product_id": "docker-28.3.2_ce-slfo.1.1_5.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.s390x",
"product": {
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.s390x",
"product_id": "docker-buildx-0.25.0-slfo.1.1_5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.2_ce-slfo.1.1_5.1.x86_64",
"product": {
"name": "docker-28.3.2_ce-slfo.1.1_5.1.x86_64",
"product_id": "docker-28.3.2_ce-slfo.1.1_5.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.x86_64",
"product": {
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.x86_64",
"product_id": "docker-buildx-0.25.0-slfo.1.1_5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.2_ce-slfo.1.1_5.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.aarch64"
},
"product_reference": "docker-28.3.2_ce-slfo.1.1_5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.2_ce-slfo.1.1_5.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.ppc64le"
},
"product_reference": "docker-28.3.2_ce-slfo.1.1_5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.2_ce-slfo.1.1_5.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.s390x"
},
"product_reference": "docker-28.3.2_ce-slfo.1.1_5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.2_ce-slfo.1.1_5.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.x86_64"
},
"product_reference": "docker-28.3.2_ce-slfo.1.1_5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.aarch64"
},
"product_reference": "docker-buildx-0.25.0-slfo.1.1_5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le"
},
"product_reference": "docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.s390x"
},
"product_reference": "docker-buildx-0.25.0-slfo.1.1_5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.25.0-slfo.1.1_5.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.x86_64"
},
"product_reference": "docker-buildx-0.25.0-slfo.1.1_5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:docker-28.3.2_ce-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.25.0-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-29T14:02:30Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:20457-1
Vulnerability from csaf_suse - Published: 2025-06-28 06:00 - Updated: 2025-06-28 06:00Summary
Security update for helm
Notes
Title of the patch
Security update for helm
Description of the patch
This update for helm fixes the following issues:
Update to version 3.18.3:
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
6838ebc (dependabot[bot])
* fix: user username password for login 5b9e2f6 (Terry Howe)
* Update pkg/registry/transport.go 2782412 (Terry Howe)
* Update pkg/registry/transport.go e66cf6a (Terry Howe)
* fix: add debug logging to oci transport 191f05c (Terry Howe)
Update to version 3.18.2:
* fix: legacy docker support broken for login 04cad46 (Terry
Howe)
* Handle an empty registry config file. bc9f8a2 (Matt Farina)
Update to version 3.18.1:
* Notes:
- This release fixes regressions around template generation and
OCI registry interaction in 3.18.0
- There are at least 2 known regressions unaddressed in this
release. They are being worked on.
- Empty registry configuration files. When the file exists
but it is empty.
- Login to Docker Hub on some domains fails.
* Changelog
- fix(client): skipnode utilization for PreCopy
- fix(client): layers now returns manifest - remove duplicate
from descriptors
- fix(client): return nil on non-allowed media types
- Prevent fetching newReference again as we have in calling
method
- Prevent failure when resolving version tags in oras memory
store
- Update pkg/plugin/plugin.go
- Update pkg/plugin/plugin.go
- Wait for Helm v4 before raising when platformCommand and
Command are set
- Fix 3.18.0 regression: registry login with scheme
- Revert "fix (helm) : toToml` renders int as float [ backport
to v3 ]"
Update to version 3.18.0 (bsc#1241802, CVE-2025-22872):
* Notable Changes
- Add support for JSON Schema 2020
- Enabled cpu and memory profiling
- Add hook annotation to output hook logs to client on error
* Changelog
- build(deps): bump the k8s-io group with 7 updates
- fix: govulncheck workflow
- bump version to v3.18.0
- fix:add proxy support when mTLS configured
- docs: Note about http fallback for OCI registries
- Bump net package to avoid CVE on dev-v3
- Bump toml
- backport #30677to dev3
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to
1.8.0
- Add install test for TakeOwnership flag
- Fix --take-ownership
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to
1.7.2
- build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0
- build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0
- Testing text bump
- Permit more Go version and not only 1.23.8
- Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3
to 3.0.0
- Report as debug log, the time spent waiting for resources
- build(deps): bump github.com/containerd/containerd from
1.7.26 to 1.7.27
- Update pkg/registry/fallback.go
- automatic fallback to http
- chore(oci): upgrade to ORAS v2
- Updating to 0.37.0 for x/net
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0
- build(deps): bump github.com/opencontainers/image-spec
- build(deps): bump github.com/containerd/containerd from
1.7.25 to 1.7.26
- build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0
- Fix cherry-pick helm.sh/helm/v4 -> helm.sh/helm/v3
- Add HookOutputFunc and generic yaml unmarshaller
- clarify fix error message
- remove comments about previous functionality
- add short circuit return
- Add hook annotations to output pod logs to client on success
and fail
- chore: use []error instead of []string
- Update cmd/helm/profiling.go
- chore: update profiling doc in CONTRIBUTING.md
- Prefer environment variables to CLI flags
- Fix linter warning
- Move pprof paths to HELM_PPROF env variable
- Additional review fixes from PR
- feat: Add flags to enable CPU and memory profiling
- build(deps): bump github.com/distribution/distribution/v3
- build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
- Moving to SetOut and SetErr for Cobra
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0
- build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0
- build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0
- build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
- build(deps): bump github.com/cyphar/filepath-securejoin
- build(deps): bump github.com/evanphx/json-patch
- build(deps): bump the k8s-io group with 7 updates
- fix: check group for resource info match
- Bump github.com/cyphar/filepath-securejoin from 0.3.6 to
0.4.0
- add test for nullifying nested global value
- Ensuring the file paths are clean prior to passing to
securejoin
- Bump github.com/containerd/containerd from 1.7.24 to 1.7.25
- Bump golang.org/x/crypto from 0.31.0 to 0.32.0
- Bump golang.org/x/term from 0.27.0 to 0.28.0
- bump version to v3.17.0
- Bump github.com/moby/term from 0.5.0 to 0.5.2
- Add test case for removing an entire object
- Tests for bugfix: Override subcharts with null values #12879
- feat: Added multi-platform plugin hook support to v3
- This commit fixes the issue where the yaml.Unmarshaller
converts all int values into float64, this passes in option
to decoder, which enables conversion of int into .
- merge null child chart objects
Update to version 3.17.3:
Helm v3.17.3 is a security (patch) release. Users are strongly
recommended to update to this release.
* Changelog
- Unarchiving fix e4da497 (Matt Farina)
Patchnames
SUSE-SLE-Micro-6.1-162
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for helm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for helm fixes the following issues:\n\nUpdate to version 3.18.3:\n\n * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0\n 6838ebc (dependabot[bot])\n * fix: user username password for login 5b9e2f6 (Terry Howe)\n * Update pkg/registry/transport.go 2782412 (Terry Howe)\n * Update pkg/registry/transport.go e66cf6a (Terry Howe)\n * fix: add debug logging to oci transport 191f05c (Terry Howe)\n\nUpdate to version 3.18.2:\n\n * fix: legacy docker support broken for login 04cad46 (Terry\n Howe)\n * Handle an empty registry config file. bc9f8a2 (Matt Farina)\n\nUpdate to version 3.18.1:\n\n * Notes:\n\n - This release fixes regressions around template generation and\n OCI registry interaction in 3.18.0\n - There are at least 2 known regressions unaddressed in this\n release. They are being worked on.\n - Empty registry configuration files. When the file exists\n but it is empty.\n - Login to Docker Hub on some domains fails.\n\n * Changelog\n\n - fix(client): skipnode utilization for PreCopy\n - fix(client): layers now returns manifest - remove duplicate\n from descriptors\n - fix(client): return nil on non-allowed media types\n - Prevent fetching newReference again as we have in calling\n method\n - Prevent failure when resolving version tags in oras memory\n store\n - Update pkg/plugin/plugin.go\n - Update pkg/plugin/plugin.go\n - Wait for Helm v4 before raising when platformCommand and\n Command are set\n - Fix 3.18.0 regression: registry login with scheme\n - Revert \"fix (helm) : toToml` renders int as float [ backport\n to v3 ]\"\n\nUpdate to version 3.18.0 (bsc#1241802, CVE-2025-22872):\n\n * Notable Changes\n\n - Add support for JSON Schema 2020\n - Enabled cpu and memory profiling\n - Add hook annotation to output hook logs to client on error\n\n * Changelog\n\n - build(deps): bump the k8s-io group with 7 updates\n - fix: govulncheck workflow\n - bump version to v3.18.0\n - fix:add proxy support when mTLS configured\n - docs: Note about http fallback for OCI registries\n - Bump net package to avoid CVE on dev-v3\n - Bump toml\n - backport #30677to dev3\n - build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to\n 1.8.0\n - Add install test for TakeOwnership flag\n - Fix --take-ownership\n - build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to\n 1.7.2\n - build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0\n - build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0\n - Testing text bump\n - Permit more Go version and not only 1.23.8\n - Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3\n to 3.0.0\n - Report as debug log, the time spent waiting for resources\n - build(deps): bump github.com/containerd/containerd from\n 1.7.26 to 1.7.27\n - Update pkg/registry/fallback.go\n - automatic fallback to http\n - chore(oci): upgrade to ORAS v2\n - Updating to 0.37.0 for x/net\n - build(deps): bump the k8s-io group with 7 updates\n - build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0\n - build(deps): bump github.com/opencontainers/image-spec\n - build(deps): bump github.com/containerd/containerd from\n 1.7.25 to 1.7.26\n - build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0\n - Fix cherry-pick helm.sh/helm/v4 -\u003e helm.sh/helm/v3\n - Add HookOutputFunc and generic yaml unmarshaller\n - clarify fix error message\n - remove comments about previous functionality\n - add short circuit return\n - Add hook annotations to output pod logs to client on success\n and fail\n - chore: use []error instead of []string\n - Update cmd/helm/profiling.go\n - chore: update profiling doc in CONTRIBUTING.md\n - Prefer environment variables to CLI flags\n - Fix linter warning\n - Move pprof paths to HELM_PPROF env variable\n - Additional review fixes from PR\n - feat: Add flags to enable CPU and memory profiling\n - build(deps): bump github.com/distribution/distribution/v3\n - build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1\n - Moving to SetOut and SetErr for Cobra\n - build(deps): bump the k8s-io group with 7 updates\n - build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0\n - build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0\n - build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0\n - build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6\n - build(deps): bump github.com/cyphar/filepath-securejoin\n - build(deps): bump github.com/evanphx/json-patch\n - build(deps): bump the k8s-io group with 7 updates\n - fix: check group for resource info match\n - Bump github.com/cyphar/filepath-securejoin from 0.3.6 to\n 0.4.0\n - add test for nullifying nested global value\n - Ensuring the file paths are clean prior to passing to\n securejoin\n - Bump github.com/containerd/containerd from 1.7.24 to 1.7.25\n - Bump golang.org/x/crypto from 0.31.0 to 0.32.0\n - Bump golang.org/x/term from 0.27.0 to 0.28.0\n - bump version to v3.17.0\n - Bump github.com/moby/term from 0.5.0 to 0.5.2\n - Add test case for removing an entire object\n - Tests for bugfix: Override subcharts with null values #12879\n - feat: Added multi-platform plugin hook support to v3\n - This commit fixes the issue where the yaml.Unmarshaller\n converts all int values into float64, this passes in option\n to decoder, which enables conversion of int into .\n - merge null child chart objects\n\nUpdate to version 3.17.3:\n\n Helm v3.17.3 is a security (patch) release. Users are strongly\n recommended to update to this release.\n\n * Changelog\n - Unarchiving fix e4da497 (Matt Farina)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-162",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20457-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20457-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520457-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20457-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040656.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241802",
"url": "https://bugzilla.suse.com/1241802"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for helm",
"tracking": {
"current_release_date": "2025-06-28T06:00:42Z",
"generator": {
"date": "2025-06-28T06:00:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20457-1",
"initial_release_date": "2025-06-28T06:00:42Z",
"revision_history": [
{
"date": "2025-06-28T06:00:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-slfo.1.1_1.1.aarch64",
"product": {
"name": "helm-3.18.3-slfo.1.1_1.1.aarch64",
"product_id": "helm-3.18.3-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch",
"product": {
"name": "helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch",
"product_id": "helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-slfo.1.1_1.1.ppc64le",
"product": {
"name": "helm-3.18.3-slfo.1.1_1.1.ppc64le",
"product_id": "helm-3.18.3-slfo.1.1_1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-slfo.1.1_1.1.s390x",
"product": {
"name": "helm-3.18.3-slfo.1.1_1.1.s390x",
"product_id": "helm-3.18.3-slfo.1.1_1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-slfo.1.1_1.1.x86_64",
"product": {
"name": "helm-3.18.3-slfo.1.1_1.1.x86_64",
"product_id": "helm-3.18.3-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.aarch64"
},
"product_reference": "helm-3.18.3-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.ppc64le"
},
"product_reference": "helm-3.18.3-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.s390x"
},
"product_reference": "helm-3.18.3-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.x86_64"
},
"product_reference": "helm-3.18.3-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch"
},
"product_reference": "helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.18.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.18.3-slfo.1.1_1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-28T06:00:42Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02351-1
Vulnerability from csaf_suse - Published: 2025-07-17 12:32 - Updated: 2025-07-17 12:32Summary
Security update for kubernetes1.25
Notes
Title of the patch
Security update for kubernetes1.25
Description of the patch
This update for kubernetes1.25 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-2351,SUSE-SLE-Module-Containers-15-SP6-2025-2351,openSUSE-SLE-15.6-2025-2351
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.25",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.25 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2351,SUSE-SLE-Module-Containers-15-SP6-2025-2351,openSUSE-SLE-15.6-2025-2351",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02351-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02351-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502351-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02351-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040763.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.25",
"tracking": {
"current_release_date": "2025-07-17T12:32:49Z",
"generator": {
"date": "2025-07-17T12:32:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02351-1",
"initial_release_date": "2025-07-17T12:32:49Z",
"revision_history": [
{
"date": "2025-07-17T12:32:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64",
"product_id": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch",
"product": {
"name": "kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch",
"product_id": "kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch",
"product": {
"name": "kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch",
"product_id": "kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-client-1.25.16-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x",
"product_id": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64",
"product_id": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch"
},
"product_reference": "kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch"
},
"product_reference": "kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-apiserver-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-client-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-bash-completion-1.25.16-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-client-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-client-fish-completion-1.25.16-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-controller-manager-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubeadm-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-kubelet-common-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-proxy-1.25.16-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.25-scheduler-1.25.16-150400.9.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-17T12:32:49Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:01991-1
Vulnerability from csaf_suse - Published: 2025-06-18 02:12 - Updated: 2025-06-18 02:12Summary
Security update for grafana
Notes
Title of the patch
Security update for grafana
Description of the patch
This update for grafana fixes the following issues:
grafana was updated from version 10.4.15 to 11.5.5 (jsc#PED-12918):
- Security issues fixed:
* CVE-2025-4123: Fix cross-site scripting vulnerability (bsc#1243714).
* CVE-2025-22872: Bump golang.org/x/net/html (bsc#1241809)
* CVE-2025-3580: Prevent unauthorized server admin deletion (bsc#1243672).
* CVE-2025-29923: Bump github.com/redis/go-redis/v9 to 9.6.3.
* CVE-2025-3454: Sanitize paths before evaluating access to route (bsc#1241683).
* CVE-2025-2703: Fix built-in XY Chart plugin (bsc#1241687).
* CVE-2025-22870: Bump golang.org/x/net (bsc#1238703).
* CVE-2024-9476: Fix Migration Assistant issue (bsc#1233343)
* CVE-2024-9264: SQL Expressions (bsc#1231844)
* CVE-2023-45288: Bump golang.org/x/net (bsc#1236510)
* CVE-2025-22870: Bump golang.org/x/net to version 0.37.0 (bsc#1238686)
- Potential breaking changes in version 11.5.0:
* Loki: Default to /labels API with query param instead of /series API.
- Potential breaking changes in version 11.0.1:
* If you had selected your language as 'Portugus Brasileiro'
previously, this will be reset. You have to select it again in
your Preferences for the fix to be applied and the translations
will then be shown.
- Potential breaking changes in version 11.0.0:
* AngularJS support is turned off by default.
* Legacy alerting is entirely removed.
* Subfolders cause very rare issues with folders which have
slashes in their names.
* The input data source is removed.
* Data sources: Responses which are associated with hidden
queries will be removed (filtered) by Grafana.
* The URL which is generated when viewing an individual repeated
panel has changed.
* React Router is deprecated.
* The grafana/e2e testing tool is deprecated.
- This update brings many new features, enhancements and fixes highlighted at:
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-5/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-4/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-3/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-2/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-1/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-0/
Patchnames
SUSE-2025-1991,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1991,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1991,openSUSE-SLE-15.6-2025-1991
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for grafana",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for grafana fixes the following issues:\n\ngrafana was updated from version 10.4.15 to 11.5.5 (jsc#PED-12918):\n\n- Security issues fixed:\n * CVE-2025-4123: Fix cross-site scripting vulnerability (bsc#1243714).\n * CVE-2025-22872: Bump golang.org/x/net/html (bsc#1241809)\n * CVE-2025-3580: Prevent unauthorized server admin deletion (bsc#1243672).\n * CVE-2025-29923: Bump github.com/redis/go-redis/v9 to 9.6.3.\n * CVE-2025-3454: Sanitize paths before evaluating access to route (bsc#1241683).\n * CVE-2025-2703: Fix built-in XY Chart plugin (bsc#1241687).\n * CVE-2025-22870: Bump golang.org/x/net (bsc#1238703).\n * CVE-2024-9476: Fix Migration Assistant issue (bsc#1233343)\n * CVE-2024-9264: SQL Expressions (bsc#1231844)\n * CVE-2023-45288: Bump golang.org/x/net (bsc#1236510)\n * CVE-2025-22870: Bump golang.org/x/net to version 0.37.0 (bsc#1238686)\n\n- Potential breaking changes in version 11.5.0:\n * Loki: Default to /labels API with query param instead of /series API.\n- Potential breaking changes in version 11.0.1:\n * If you had selected your language as \u0027Portugus Brasileiro\u0027\n previously, this will be reset. You have to select it again in\n your Preferences for the fix to be applied and the translations\n will then be shown.\n- Potential breaking changes in version 11.0.0:\n * AngularJS support is turned off by default.\n * Legacy alerting is entirely removed.\n * Subfolders cause very rare issues with folders which have\n slashes in their names.\n * The input data source is removed.\n * Data sources: Responses which are associated with hidden\n queries will be removed (filtered) by Grafana.\n * The URL which is generated when viewing an individual repeated\n panel has changed.\n * React Router is deprecated.\n * The grafana/e2e testing tool is deprecated.\n \n- This update brings many new features, enhancements and fixes highlighted at:\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-5/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-4/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-3/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-2/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-1/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-0/\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1991,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1991,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1991,openSUSE-SLE-15.6-2025-1991",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01991-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01991-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501991-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01991-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040347.html"
},
{
"category": "self",
"summary": "SUSE Bug 1231844",
"url": "https://bugzilla.suse.com/1231844"
},
{
"category": "self",
"summary": "SUSE Bug 1233343",
"url": "https://bugzilla.suse.com/1233343"
},
{
"category": "self",
"summary": "SUSE Bug 1236510",
"url": "https://bugzilla.suse.com/1236510"
},
{
"category": "self",
"summary": "SUSE Bug 1236516",
"url": "https://bugzilla.suse.com/1236516"
},
{
"category": "self",
"summary": "SUSE Bug 1238686",
"url": "https://bugzilla.suse.com/1238686"
},
{
"category": "self",
"summary": "SUSE Bug 1238703",
"url": "https://bugzilla.suse.com/1238703"
},
{
"category": "self",
"summary": "SUSE Bug 1241683",
"url": "https://bugzilla.suse.com/1241683"
},
{
"category": "self",
"summary": "SUSE Bug 1241687",
"url": "https://bugzilla.suse.com/1241687"
},
{
"category": "self",
"summary": "SUSE Bug 1241809",
"url": "https://bugzilla.suse.com/1241809"
},
{
"category": "self",
"summary": "SUSE Bug 1243672",
"url": "https://bugzilla.suse.com/1243672"
},
{
"category": "self",
"summary": "SUSE Bug 1243714",
"url": "https://bugzilla.suse.com/1243714"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9476 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-29923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-29923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3454 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3454/"
}
],
"title": "Security update for grafana",
"tracking": {
"current_release_date": "2025-06-18T02:12:17Z",
"generator": {
"date": "2025-06-18T02:12:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01991-1",
"initial_release_date": "2025-06-18T02:12:17Z",
"revision_history": [
{
"date": "2025-06-18T02:12:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.5-150200.3.72.2.aarch64",
"product": {
"name": "grafana-11.5.5-150200.3.72.2.aarch64",
"product_id": "grafana-11.5.5-150200.3.72.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.5-150200.3.72.2.ppc64le",
"product": {
"name": "grafana-11.5.5-150200.3.72.2.ppc64le",
"product_id": "grafana-11.5.5-150200.3.72.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.5-150200.3.72.2.s390x",
"product": {
"name": "grafana-11.5.5-150200.3.72.2.s390x",
"product_id": "grafana-11.5.5-150200.3.72.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.5-150200.3.72.2.x86_64",
"product": {
"name": "grafana-11.5.5-150200.3.72.2.x86_64",
"product_id": "grafana-11.5.5-150200.3.72.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150200.3.72.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
},
"product_reference": "grafana-11.5.5-150200.3.72.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:12:17Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2024-9264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9264"
}
],
"notes": [
{
"category": "general",
"text": "The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana\u0027s $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9264",
"url": "https://www.suse.com/security/cve/CVE-2024-9264"
},
{
"category": "external",
"summary": "SUSE Bug 1231844 for CVE-2024-9264",
"url": "https://bugzilla.suse.com/1231844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:12:17Z",
"details": "critical"
}
],
"title": "CVE-2024-9264"
},
{
"cve": "CVE-2024-9476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9476"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9476",
"url": "https://www.suse.com/security/cve/CVE-2024-9476"
},
{
"category": "external",
"summary": "SUSE Bug 1233343 for CVE-2024-9476",
"url": "https://bugzilla.suse.com/1233343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:12:17Z",
"details": "moderate"
}
],
"title": "CVE-2024-9476"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:12:17Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:12:17Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-2703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2703"
}
],
"notes": [
{
"category": "general",
"text": "The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. \n\nA user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2703",
"url": "https://www.suse.com/security/cve/CVE-2025-2703"
},
{
"category": "external",
"summary": "SUSE Bug 1241687 for CVE-2025-2703",
"url": "https://bugzilla.suse.com/1241687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:12:17Z",
"details": "moderate"
}
],
"title": "CVE-2025-2703"
},
{
"cve": "CVE-2025-29923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-29923"
}
],
"notes": [
{
"category": "general",
"text": "go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when `CLIENT SETINFO` times out during connection establishment. This can happen when the client is configured to transmit its identity, there are network connectivity issues, or the client was configured with aggressive timeouts. The problem occurs for multiple use cases. For sticky connections, you receive persistent out-of-order responses for the lifetime of the connection. All commands in the pipeline receive incorrect responses. When used with the default ConnPool once a connection is returned after use with ConnPool#Put the read buffer will be checked and the connection will be marked as bad due to the unread data. This means that at most one out-of-order response before the connection is discarded. This issue is fixed in 9.5.5, 9.6.3, and 9.7.3. You can prevent the vulnerability by setting the flag DisableIndentity to true when constructing the client instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-29923",
"url": "https://www.suse.com/security/cve/CVE-2025-29923"
},
{
"category": "external",
"summary": "SUSE Bug 1241152 for CVE-2025-29923",
"url": "https://bugzilla.suse.com/1241152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:12:17Z",
"details": "low"
}
],
"title": "CVE-2025-29923"
},
{
"cve": "CVE-2025-3454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3454"
}
],
"notes": [
{
"category": "general",
"text": "This vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3454",
"url": "https://www.suse.com/security/cve/CVE-2025-3454"
},
{
"category": "external",
"summary": "SUSE Bug 1241683 for CVE-2025-3454",
"url": "https://bugzilla.suse.com/1241683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.5-150200.3.72.2.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.5-150200.3.72.2.x86_64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.aarch64",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.s390x",
"openSUSE Leap 15.6:grafana-11.5.5-150200.3.72.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:12:17Z",
"details": "moderate"
}
],
"title": "CVE-2025-3454"
}
]
}
SUSE-SU-2025:02350-1
Vulnerability from csaf_suse - Published: 2025-08-01 16:07 - Updated: 2025-08-01 16:07Summary
Security update for kubernetes1.28
Notes
Title of the patch
Security update for kubernetes1.28
Description of the patch
This update for kubernetes1.28 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-2350,SUSE-SLE-Module-Containers-15-SP6-2025-2350
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.28",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.28 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2350,SUSE-SLE-Module-Containers-15-SP6-2025-2350",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02350-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02350-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502350-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02350-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040764.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.28",
"tracking": {
"current_release_date": "2025-08-01T16:07:53Z",
"generator": {
"date": "2025-08-01T16:07:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02350-1",
"initial_release_date": "2025-08-01T16:07:53Z",
"revision_history": [
{
"date": "2025-08-01T16:07:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-client-bash-completion-1.28.13-150400.9.14.1.noarch",
"product": {
"name": "kubernetes1.28-client-bash-completion-1.28.13-150400.9.14.1.noarch",
"product_id": "kubernetes1.28-client-bash-completion-1.28.13-150400.9.14.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-fish-completion-1.28.13-150400.9.14.1.noarch",
"product": {
"name": "kubernetes1.28-client-fish-completion-1.28.13-150400.9.14.1.noarch",
"product_id": "kubernetes1.28-client-fish-completion-1.28.13-150400.9.14.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-01T16:07:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02350-2
Vulnerability from csaf_suse - Published: 2025-08-01 16:07 - Updated: 2025-08-01 16:07Summary
Security update for kubernetes1.28
Notes
Title of the patch
Security update for kubernetes1.28
Description of the patch
This update for kubernetes1.28 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-2350,SUSE-SLE-Module-Containers-15-SP6-2025-2350,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2350,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2350,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2350,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2350,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2350,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2350,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2350,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2350
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.28",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.28 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2350,SUSE-SLE-Module-Containers-15-SP6-2025-2350,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2350,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2350,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2350,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2350,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2350,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2350,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2350,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2350",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02350-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02350-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502350-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02350-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041007.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.28",
"tracking": {
"current_release_date": "2025-08-01T16:07:50Z",
"generator": {
"date": "2025-08-01T16:07:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02350-2",
"initial_release_date": "2025-08-01T16:07:50Z",
"revision_history": [
{
"date": "2025-08-01T16:07:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.aarch64",
"product": {
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.aarch64",
"product_id": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-client-bash-completion-1.28.13-150400.9.14.1.noarch",
"product": {
"name": "kubernetes1.28-client-bash-completion-1.28.13-150400.9.14.1.noarch",
"product_id": "kubernetes1.28-client-bash-completion-1.28.13-150400.9.14.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-fish-completion-1.28.13-150400.9.14.1.noarch",
"product": {
"name": "kubernetes1.28-client-fish-completion-1.28.13-150400.9.14.1.noarch",
"product_id": "kubernetes1.28-client-fish-completion-1.28.13-150400.9.14.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.ppc64le",
"product": {
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.ppc64le",
"product_id": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.s390x",
"product": {
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.s390x",
"product_id": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-apiserver-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-controller-manager-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-kubeadm-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-kubelet-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-kubelet-common-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-proxy-1.28.13-150400.9.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.x86_64",
"product": {
"name": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.x86_64",
"product_id": "kubernetes1.28-scheduler-1.28.13-150400.9.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
},
"product_reference": "kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-1.28.13-150400.9.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-common-1.28.13-150400.9.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.28-client-common-1.28.13-150400.9.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-01T16:07:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:01945-1
Vulnerability from csaf_suse - Published: 2025-06-13 10:16 - Updated: 2025-06-13 10:16Summary
Security update for kubernetes-old
Notes
Title of the patch
Security update for kubernetes-old
Description of the patch
This update for kubernetes-old fixes the following issues:
- CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241781)
This update to version 1.31.9 (jsc#PED-11105)
* Find full changelog https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.31.md#v1319
Patchnames
SUSE-2025-1945,SUSE-SLE-Module-Containers-15-SP6-2025-1945,SUSE-SLE-Module-Containers-15-SP7-2025-1945,openSUSE-SLE-15.6-2025-1945
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes-old",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes-old fixes the following issues:\n\n- CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241781)\n\nThis update to version 1.31.9 (jsc#PED-11105)\n\n* Find full changelog https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.31.md#v1319\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1945,SUSE-SLE-Module-Containers-15-SP6-2025-1945,SUSE-SLE-Module-Containers-15-SP7-2025-1945,openSUSE-SLE-15.6-2025-1945",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01945-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01945-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501945-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01945-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040282.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241781",
"url": "https://bugzilla.suse.com/1241781"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes-old",
"tracking": {
"current_release_date": "2025-06-13T10:16:36Z",
"generator": {
"date": "2025-06-13T10:16:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01945-1",
"initial_release_date": "2025-06-13T10:16:36Z",
"revision_history": [
{
"date": "2025-06-13T10:16:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.aarch64",
"product": {
"name": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.aarch64",
"product_id": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"product_id": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.9-150600.13.10.1.noarch",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.9-150600.13.10.1.noarch",
"product_id": "kubernetes1.31-client-fish-completion-1.31.9-150600.13.10.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.ppc64le",
"product": {
"name": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.ppc64le",
"product_id": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.s390x",
"product": {
"name": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.s390x",
"product_id": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-apiserver-1.31.9-150600.13.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-controller-manager-1.31.9-150600.13.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-kubeadm-1.31.9-150600.13.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-kubelet-1.31.9-150600.13.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-kubelet-common-1.31.9-150600.13.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-proxy-1.31.9-150600.13.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.x86_64",
"product": {
"name": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.x86_64",
"product_id": "kubernetes1.31-scheduler-1.31.9-150600.13.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64"
},
"product_reference": "kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64"
},
"product_reference": "kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.s390x",
"openSUSE Leap 15.6:kubernetes1.31-client-1.31.9-150600.13.10.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.31-client-bash-completion-1.31.9-150600.13.10.1.noarch",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.s390x",
"openSUSE Leap 15.6:kubernetes1.31-client-common-1.31.9-150600.13.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T10:16:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02121-1
Vulnerability from csaf_suse - Published: 2025-06-26 08:34 - Updated: 2025-06-26 08:34Summary
Security update for helm
Notes
Title of the patch
Security update for helm
Description of the patch
This update for helm fixes the following issues:
Update to version 3.18.3:
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
6838ebc (dependabot[bot])
* fix: user username password for login 5b9e2f6 (Terry Howe)
* Update pkg/registry/transport.go 2782412 (Terry Howe)
* Update pkg/registry/transport.go e66cf6a (Terry Howe)
* fix: add debug logging to oci transport 191f05c (Terry Howe)
Update to version 3.18.2:
* fix: legacy docker support broken for login 04cad46 (Terry
Howe)
* Handle an empty registry config file. bc9f8a2 (Matt Farina)
Update to version 3.18.1:
* Notes:
- This release fixes regressions around template generation and
OCI registry interaction in 3.18.0
- There are at least 2 known regressions unaddressed in this
release. They are being worked on.
- Empty registry configuration files. When the file exists
but it is empty.
- Login to Docker Hub on some domains fails.
* Changelog
- fix(client): skipnode utilization for PreCopy
- fix(client): layers now returns manifest - remove duplicate
from descriptors
- fix(client): return nil on non-allowed media types
- Prevent fetching newReference again as we have in calling
method
- Prevent failure when resolving version tags in oras memory
store
- Update pkg/plugin/plugin.go
- Update pkg/plugin/plugin.go
- Wait for Helm v4 before raising when platformCommand and
Command are set
- Fix 3.18.0 regression: registry login with scheme
- Revert 'fix (helm) : toToml` renders int as float [ backport
to v3 ]'
Update to version 3.18.0 (bsc#1241802, CVE-2025-22872):
* Notable Changes
- Add support for JSON Schema 2020
- Enabled cpu and memory profiling
- Add hook annotation to output hook logs to client on error
* Changelog
- build(deps): bump the k8s-io group with 7 updates
- fix: govulncheck workflow
- bump version to v3.18.0
- fix:add proxy support when mTLS configured
- docs: Note about http fallback for OCI registries
- Bump net package to avoid CVE on dev-v3
- Bump toml
- backport #30677to dev3
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to
1.8.0
- Add install test for TakeOwnership flag
- Fix --take-ownership
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to
1.7.2
- build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0
- build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0
- Testing text bump
- Permit more Go version and not only 1.23.8
- Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3
to 3.0.0
- Unarchiving fix
- Fix typo
- Report as debug log, the time spent waiting for resources
- build(deps): bump github.com/containerd/containerd from
1.7.26 to 1.7.27
- Update pkg/registry/fallback.go
- automatic fallback to http
- chore(oci): upgrade to ORAS v2
- Updating to 0.37.0 for x/net
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0
- build(deps): bump github.com/opencontainers/image-spec
- build(deps): bump github.com/containerd/containerd from
1.7.25 to 1.7.26
- build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0
- Fix cherry-pick helm.sh/helm/v4 -> helm.sh/helm/v3
- Add HookOutputFunc and generic yaml unmarshaller
- clarify fix error message
- fix err check
- add short circuit return
- Add hook annotations to output pod logs to client on success
and fail
- chore: use []error instead of []string
- Update cmd/helm/profiling.go
- chore: update profiling doc in CONTRIBUTING.md
- Update CONTRIBUTING guide
- Prefer environment variables to CLI flags
- Move pprof paths to HELM_PPROF env variable
- feat: Add flags to enable CPU and memory profiling
- build(deps): bump github.com/distribution/distribution/v3
- build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
- Moving to SetOut and SetErr for Cobra
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0
- build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0
- build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0
- build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
- build(deps): bump github.com/cyphar/filepath-securejoin
- build(deps): bump github.com/evanphx/json-patch
- build(deps): bump the k8s-io group with 7 updates
- fix: check group for resource info match
- Bump github.com/cyphar/filepath-securejoin from 0.3.6 to
0.4.0
- add test for nullifying nested global value
- Ensuring the file paths are clean prior to passing to
securejoin
- Bump github.com/containerd/containerd from 1.7.24 to 1.7.25
- Bump golang.org/x/crypto from 0.31.0 to 0.32.0
- Bump golang.org/x/term from 0.27.0 to 0.28.0
- bump version to v3.17.0
- Bump github.com/moby/term from 0.5.0 to 0.5.2
- Add test case for removing an entire object
- Tests for bugfix: Override subcharts with null values #12879
- feat: Added multi-platform plugin hook support to v3
- This commit fixes the issue where the yaml.Unmarshaller
converts all int values into float64, this passes in option
to decoder, which enables conversion of int into .
- merge null child chart objects
Patchnames
SUSE-2025-2121,SUSE-SLE-Micro-5.5-2025-2121,SUSE-SLE-Module-Containers-15-SP6-2025-2121,SUSE-SLE-Module-Containers-15-SP7-2025-2121,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2121,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2121,openSUSE-SLE-15.6-2025-2121
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for helm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for helm fixes the following issues:\n\nUpdate to version 3.18.3:\n\n * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0\n 6838ebc (dependabot[bot])\n * fix: user username password for login 5b9e2f6 (Terry Howe)\n * Update pkg/registry/transport.go 2782412 (Terry Howe)\n * Update pkg/registry/transport.go e66cf6a (Terry Howe)\n * fix: add debug logging to oci transport 191f05c (Terry Howe)\n\nUpdate to version 3.18.2:\n\n * fix: legacy docker support broken for login 04cad46 (Terry\n Howe)\n * Handle an empty registry config file. bc9f8a2 (Matt Farina)\n\nUpdate to version 3.18.1:\n\n * Notes:\n\n - This release fixes regressions around template generation and\n OCI registry interaction in 3.18.0\n - There are at least 2 known regressions unaddressed in this\n release. They are being worked on.\n - Empty registry configuration files. When the file exists\n but it is empty.\n - Login to Docker Hub on some domains fails.\n\n * Changelog\n\n - fix(client): skipnode utilization for PreCopy\n - fix(client): layers now returns manifest - remove duplicate\n from descriptors\n - fix(client): return nil on non-allowed media types\n - Prevent fetching newReference again as we have in calling\n method\n - Prevent failure when resolving version tags in oras memory\n store\n - Update pkg/plugin/plugin.go\n - Update pkg/plugin/plugin.go\n - Wait for Helm v4 before raising when platformCommand and\n Command are set\n - Fix 3.18.0 regression: registry login with scheme\n - Revert \u0027fix (helm) : toToml` renders int as float [ backport\n to v3 ]\u0027\n\nUpdate to version 3.18.0 (bsc#1241802, CVE-2025-22872):\n\n * Notable Changes\n\n - Add support for JSON Schema 2020\n - Enabled cpu and memory profiling\n - Add hook annotation to output hook logs to client on error\n\n * Changelog\n\n - build(deps): bump the k8s-io group with 7 updates\n - fix: govulncheck workflow\n - bump version to v3.18.0\n - fix:add proxy support when mTLS configured\n - docs: Note about http fallback for OCI registries\n - Bump net package to avoid CVE on dev-v3\n - Bump toml\n - backport #30677to dev3\n - build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to\n 1.8.0\n - Add install test for TakeOwnership flag\n - Fix --take-ownership\n - build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to\n 1.7.2\n - build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0\n - build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0\n - Testing text bump\n - Permit more Go version and not only 1.23.8\n - Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3\n to 3.0.0\n - Unarchiving fix\n - Fix typo\n - Report as debug log, the time spent waiting for resources\n - build(deps): bump github.com/containerd/containerd from\n 1.7.26 to 1.7.27\n - Update pkg/registry/fallback.go\n - automatic fallback to http\n - chore(oci): upgrade to ORAS v2\n - Updating to 0.37.0 for x/net\n - build(deps): bump the k8s-io group with 7 updates\n - build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0\n - build(deps): bump github.com/opencontainers/image-spec\n - build(deps): bump github.com/containerd/containerd from\n 1.7.25 to 1.7.26\n - build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0\n - Fix cherry-pick helm.sh/helm/v4 -\u003e helm.sh/helm/v3\n - Add HookOutputFunc and generic yaml unmarshaller\n - clarify fix error message\n - fix err check\n - add short circuit return\n - Add hook annotations to output pod logs to client on success\n and fail\n - chore: use []error instead of []string\n - Update cmd/helm/profiling.go\n - chore: update profiling doc in CONTRIBUTING.md\n - Update CONTRIBUTING guide\n - Prefer environment variables to CLI flags\n - Move pprof paths to HELM_PPROF env variable\n - feat: Add flags to enable CPU and memory profiling\n - build(deps): bump github.com/distribution/distribution/v3\n - build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1\n - Moving to SetOut and SetErr for Cobra\n - build(deps): bump the k8s-io group with 7 updates\n - build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0\n - build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0\n - build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0\n - build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6\n - build(deps): bump github.com/cyphar/filepath-securejoin\n - build(deps): bump github.com/evanphx/json-patch\n - build(deps): bump the k8s-io group with 7 updates\n - fix: check group for resource info match\n - Bump github.com/cyphar/filepath-securejoin from 0.3.6 to\n 0.4.0\n - add test for nullifying nested global value\n - Ensuring the file paths are clean prior to passing to\n securejoin\n - Bump github.com/containerd/containerd from 1.7.24 to 1.7.25\n - Bump golang.org/x/crypto from 0.31.0 to 0.32.0\n - Bump golang.org/x/term from 0.27.0 to 0.28.0\n - bump version to v3.17.0\n - Bump github.com/moby/term from 0.5.0 to 0.5.2\n - Add test case for removing an entire object\n - Tests for bugfix: Override subcharts with null values #12879\n - feat: Added multi-platform plugin hook support to v3\n - This commit fixes the issue where the yaml.Unmarshaller\n converts all int values into float64, this passes in option\n to decoder, which enables conversion of int into .\n - merge null child chart objects\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2121,SUSE-SLE-Micro-5.5-2025-2121,SUSE-SLE-Module-Containers-15-SP6-2025-2121,SUSE-SLE-Module-Containers-15-SP7-2025-2121,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2121,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2121,openSUSE-SLE-15.6-2025-2121",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02121-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02121-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502121-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02121-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040492.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241802",
"url": "https://bugzilla.suse.com/1241802"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for helm",
"tracking": {
"current_release_date": "2025-06-26T08:34:10Z",
"generator": {
"date": "2025-06-26T08:34:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02121-1",
"initial_release_date": "2025-06-26T08:34:10Z",
"revision_history": [
{
"date": "2025-06-26T08:34:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-150000.1.50.1.aarch64",
"product": {
"name": "helm-3.18.3-150000.1.50.1.aarch64",
"product_id": "helm-3.18.3-150000.1.50.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-150000.1.50.1.i586",
"product": {
"name": "helm-3.18.3-150000.1.50.1.i586",
"product_id": "helm-3.18.3-150000.1.50.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"product": {
"name": "helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"product_id": "helm-bash-completion-3.18.3-150000.1.50.1.noarch"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"product": {
"name": "helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"product_id": "helm-fish-completion-3.18.3-150000.1.50.1.noarch"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"product": {
"name": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"product_id": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-150000.1.50.1.ppc64le",
"product": {
"name": "helm-3.18.3-150000.1.50.1.ppc64le",
"product_id": "helm-3.18.3-150000.1.50.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-150000.1.50.1.s390x",
"product": {
"name": "helm-3.18.3-150000.1.50.1.s390x",
"product_id": "helm-3.18.3-150000.1.50.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-150000.1.50.1.x86_64",
"product": {
"name": "helm-3.18.3-150000.1.50.1.x86_64",
"product_id": "helm-3.18.3-150000.1.50.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.aarch64"
},
"product_reference": "helm-3.18.3-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.ppc64le"
},
"product_reference": "helm-3.18.3-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.s390x"
},
"product_reference": "helm-3.18.3-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.x86_64"
},
"product_reference": "helm-3.18.3-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-150000.1.50.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.aarch64"
},
"product_reference": "helm-3.18.3-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.ppc64le"
},
"product_reference": "helm-3.18.3-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.s390x"
},
"product_reference": "helm-3.18.3-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.x86_64"
},
"product_reference": "helm-3.18.3-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-150000.1.50.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.aarch64"
},
"product_reference": "helm-3.18.3-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.ppc64le"
},
"product_reference": "helm-3.18.3-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.s390x"
},
"product_reference": "helm-3.18.3-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.x86_64"
},
"product_reference": "helm-3.18.3-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-150000.1.50.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-150000.1.50.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-150000.1.50.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.aarch64"
},
"product_reference": "helm-3.18.3-150000.1.50.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.ppc64le"
},
"product_reference": "helm-3.18.3-150000.1.50.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.s390x"
},
"product_reference": "helm-3.18.3-150000.1.50.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-150000.1.50.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.x86_64"
},
"product_reference": "helm-3.18.3-150000.1.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-150000.1.50.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-bash-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-150000.1.50.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-fish-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-zsh-completion-3.18.3-150000.1.50.1.noarch"
},
"product_reference": "helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.s390x",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.18.3-150000.1.50.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.s390x",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.18.3-150000.1.50.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.18.3-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.s390x",
"openSUSE Leap 15.6:helm-3.18.3-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.18.3-150000.1.50.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.18.3-150000.1.50.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-26T08:34:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:01989-1
Vulnerability from csaf_suse - Published: 2025-06-18 02:11 - Updated: 2025-06-18 02:11Summary
Security update for Multi-Linux Manager Client Tools
Notes
Title of the patch
Security update for Multi-Linux Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-prometheus-prometheus was updated to version 2.53.4:
- Security issues fixed:
* CVE-2023-45288: Require Go >= 1.23 for building (bsc#1236516)
* CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 (bsc#1238686)
- Other bugs fixes from version 2.53.4:
* Runtime: fixed GOGC being set to 0 when installed
with empty prometheus.yml file resulting high cpu usage
* Scrape: fixed dropping valid metrics after previous
scrape failed
prometheus-blackbox_exporter was updated from version 0.24.0 to 0.26.0 (jsc#PED-12872):
- Security issues fixed:
* CVE-2025-22870: Fixed proxy bypassing using IPv6 zone IDs (bsc#1238680)
* CVE-2023-45288: Fixed closing connections when receiving too many headers (bsc#1236515)
- Other changes from version 0.26.0:
* Changes:
+ Replace go-kit/log with log/slog module.
* Features:
+ Add metric to record tls ciphersuite negotiated during
handshake.
+ Add a way to export labels with content matched by the probe.
Reports Certificate Serial number.
* Enhancement:
+ Add stale workflow to start sync with stale.yaml in Prometheus.
* Bug fixes:
+ Only register grpc TLS metrics on successful handshake.
- Other changes from version 0.25.0:
* Features:
+ Allow to get Probe logs by target.
+ Log errors from probe.
* Bug fixes:
+ Prevent logging confusing error message.
+ Explicit registration of internal exporter metrics.
grafana was updated from version 10.4.15 to 11.5.5 (jsc#PED-12918):
- Security issues fixed:
* CVE-2025-4123: Fix cross-site scripting vulnerability (bsc#1243714).
* CVE-2025-22872: Bump golang.org/x/net/html (bsc#1241809)
* CVE-2025-3580: Prevent unauthorized server admin deletion (bsc#1243672).
* CVE-2025-29923: Bump github.com/redis/go-redis/v9 to 9.6.3.
* CVE-2025-3454: Sanitize paths before evaluating access to route (bsc#1241683).
* CVE-2025-2703: Fix built-in XY Chart plugin (bsc#1241687).
* CVE-2025-22870: Bump golang.org/x/net (bsc#1238703).
* CVE-2024-9476: Fix Migration Assistant issue (bsc#1233343)
* CVE-2024-9264: SQL Expressions (bsc#1231844)
* CVE-2023-45288: Bump golang.org/x/net (bsc#1236510)
* CVE-2025-22870: Bump golang.org/x/net to version 0.37.0 (bsc#1238686)
- Potential breaking changes in version 11.5.0:
* Loki: Default to /labels API with query param instead of /series API.
- Potential breaking changes in version 11.0.1:
* If you had selected your language as 'Portugus Brasileiro'
previously, this will be reset. You have to select it again in
your Preferences for the fix to be applied and the translations
will then be shown.
- Potential breaking changes in version 11.0.0:
* AngularJS support is turned off by default.
* Legacy alerting is entirely removed.
* Subfolders cause very rare issues with folders which have
slashes in their names.
* The input data source is removed.
* Data sources: Responses which are associated with hidden
queries will be removed (filtered) by Grafana.
* The URL which is generated when viewing an individual repeated
panel has changed.
* React Router is deprecated.
* The grafana/e2e testing tool is deprecated.
- This update brings many new features, enhancements and fixes highlighted at:
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-5/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-4/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-3/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-2/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-1/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-0/
Patchnames
SUSE-2025-1989,SUSE-SLE-Manager-Tools-15-2025-1989,SUSE-SLE-Manager-Tools-For-Micro-5-2025-1989,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-1989,openSUSE-SLE-15.6-2025-1989
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-prometheus-prometheus was updated to version 2.53.4:\n \n- Security issues fixed:\n * CVE-2023-45288: Require Go \u003e= 1.23 for building (bsc#1236516)\n * CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 (bsc#1238686)\n\n- Other bugs fixes from version 2.53.4: \n * Runtime: fixed GOGC being set to 0 when installed\n with empty prometheus.yml file resulting high cpu usage\n * Scrape: fixed dropping valid metrics after previous\n scrape failed\n \nprometheus-blackbox_exporter was updated from version 0.24.0 to 0.26.0 (jsc#PED-12872): \n\n- Security issues fixed:\n * CVE-2025-22870: Fixed proxy bypassing using IPv6 zone IDs (bsc#1238680)\n * CVE-2023-45288: Fixed closing connections when receiving too many headers (bsc#1236515)\n\n- Other changes from version 0.26.0:\n * Changes:\n + Replace go-kit/log with log/slog module.\n * Features:\n + Add metric to record tls ciphersuite negotiated during\n handshake.\n + Add a way to export labels with content matched by the probe.\n Reports Certificate Serial number.\n * Enhancement:\n + Add stale workflow to start sync with stale.yaml in Prometheus.\n * Bug fixes:\n + Only register grpc TLS metrics on successful handshake.\n\n- Other changes from version 0.25.0:\n * Features:\n + Allow to get Probe logs by target.\n + Log errors from probe.\n * Bug fixes:\n + Prevent logging confusing error message.\n + Explicit registration of internal exporter metrics.\n\ngrafana was updated from version 10.4.15 to 11.5.5 (jsc#PED-12918):\n\n- Security issues fixed:\n * CVE-2025-4123: Fix cross-site scripting vulnerability (bsc#1243714).\n * CVE-2025-22872: Bump golang.org/x/net/html (bsc#1241809)\n * CVE-2025-3580: Prevent unauthorized server admin deletion (bsc#1243672).\n * CVE-2025-29923: Bump github.com/redis/go-redis/v9 to 9.6.3.\n * CVE-2025-3454: Sanitize paths before evaluating access to route (bsc#1241683).\n * CVE-2025-2703: Fix built-in XY Chart plugin (bsc#1241687).\n * CVE-2025-22870: Bump golang.org/x/net (bsc#1238703).\n * CVE-2024-9476: Fix Migration Assistant issue (bsc#1233343)\n * CVE-2024-9264: SQL Expressions (bsc#1231844)\n * CVE-2023-45288: Bump golang.org/x/net (bsc#1236510)\n * CVE-2025-22870: Bump golang.org/x/net to version 0.37.0 (bsc#1238686)\n\n- Potential breaking changes in version 11.5.0:\n * Loki: Default to /labels API with query param instead of /series API.\n\n- Potential breaking changes in version 11.0.1:\n * If you had selected your language as \u0027Portugus Brasileiro\u0027\n previously, this will be reset. You have to select it again in\n your Preferences for the fix to be applied and the translations\n will then be shown.\n\n- Potential breaking changes in version 11.0.0:\n * AngularJS support is turned off by default.\n * Legacy alerting is entirely removed.\n * Subfolders cause very rare issues with folders which have\n slashes in their names.\n * The input data source is removed.\n * Data sources: Responses which are associated with hidden\n queries will be removed (filtered) by Grafana.\n * The URL which is generated when viewing an individual repeated\n panel has changed.\n * React Router is deprecated.\n * The grafana/e2e testing tool is deprecated.\n \n- This update brings many new features, enhancements and fixes highlighted at:\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-5/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-4/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-3/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-2/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-1/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-0/\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1989,SUSE-SLE-Manager-Tools-15-2025-1989,SUSE-SLE-Manager-Tools-For-Micro-5-2025-1989,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-1989,openSUSE-SLE-15.6-2025-1989",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01989-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01989-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501989-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01989-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040349.html"
},
{
"category": "self",
"summary": "SUSE Bug 1208752",
"url": "https://bugzilla.suse.com/1208752"
},
{
"category": "self",
"summary": "SUSE Bug 1231844",
"url": "https://bugzilla.suse.com/1231844"
},
{
"category": "self",
"summary": "SUSE Bug 1233343",
"url": "https://bugzilla.suse.com/1233343"
},
{
"category": "self",
"summary": "SUSE Bug 1236510",
"url": "https://bugzilla.suse.com/1236510"
},
{
"category": "self",
"summary": "SUSE Bug 1236515",
"url": "https://bugzilla.suse.com/1236515"
},
{
"category": "self",
"summary": "SUSE Bug 1236516",
"url": "https://bugzilla.suse.com/1236516"
},
{
"category": "self",
"summary": "SUSE Bug 1238680",
"url": "https://bugzilla.suse.com/1238680"
},
{
"category": "self",
"summary": "SUSE Bug 1238686",
"url": "https://bugzilla.suse.com/1238686"
},
{
"category": "self",
"summary": "SUSE Bug 1238703",
"url": "https://bugzilla.suse.com/1238703"
},
{
"category": "self",
"summary": "SUSE Bug 1241683",
"url": "https://bugzilla.suse.com/1241683"
},
{
"category": "self",
"summary": "SUSE Bug 1241687",
"url": "https://bugzilla.suse.com/1241687"
},
{
"category": "self",
"summary": "SUSE Bug 1241809",
"url": "https://bugzilla.suse.com/1241809"
},
{
"category": "self",
"summary": "SUSE Bug 1243672",
"url": "https://bugzilla.suse.com/1243672"
},
{
"category": "self",
"summary": "SUSE Bug 1243714",
"url": "https://bugzilla.suse.com/1243714"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9476 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-29923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-29923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3454 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3454/"
}
],
"title": "Security update for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2025-06-18T02:11:23Z",
"generator": {
"date": "2025-06-18T02:11:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01989-1",
"initial_release_date": "2025-06-18T02:11:23Z",
"revision_history": [
{
"date": "2025-06-18T02:11:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"product_id": "firewalld-prometheus-config-0.1-150000.3.62.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"product_id": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.5-150000.1.79.1.aarch64",
"product": {
"name": "grafana-11.5.5-150000.1.79.1.aarch64",
"product_id": "grafana-11.5.5-150000.1.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.i586",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.i586",
"product_id": "firewalld-prometheus-config-0.1-150000.3.62.2.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.i586",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.i586",
"product_id": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.i586"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.i586",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.i586",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"product_id": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.5-150000.1.79.1.ppc64le",
"product": {
"name": "grafana-11.5.5-150000.1.79.1.ppc64le",
"product_id": "grafana-11.5.5-150000.1.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"product_id": "firewalld-prometheus-config-0.1-150000.3.62.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"product_id": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.5-150000.1.79.1.s390x",
"product": {
"name": "grafana-11.5.5-150000.1.79.1.s390x",
"product_id": "grafana-11.5.5-150000.1.79.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"product_id": "firewalld-prometheus-config-0.1-150000.3.62.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"product_id": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.5-150000.1.79.1.x86_64",
"product": {
"name": "grafana-11.5.5-150000.1.79.1.x86_64",
"product_id": "grafana-11.5.5-150000.1.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15",
"product": {
"name": "SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-micro:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy Module 4.3",
"product": {
"name": "SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.62.2.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150000.1.79.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64"
},
"product_reference": "grafana-11.5.5-150000.1.79.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150000.1.79.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le"
},
"product_reference": "grafana-11.5.5-150000.1.79.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150000.1.79.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x"
},
"product_reference": "grafana-11.5.5-150000.1.79.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-150000.1.79.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64"
},
"product_reference": "grafana-11.5.5-150000.1.79.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64 as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64 as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:11:23Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2024-9264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9264"
}
],
"notes": [
{
"category": "general",
"text": "The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana\u0027s $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9264",
"url": "https://www.suse.com/security/cve/CVE-2024-9264"
},
{
"category": "external",
"summary": "SUSE Bug 1231844 for CVE-2024-9264",
"url": "https://bugzilla.suse.com/1231844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:11:23Z",
"details": "critical"
}
],
"title": "CVE-2024-9264"
},
{
"cve": "CVE-2024-9476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9476"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9476",
"url": "https://www.suse.com/security/cve/CVE-2024-9476"
},
{
"category": "external",
"summary": "SUSE Bug 1233343 for CVE-2024-9476",
"url": "https://bugzilla.suse.com/1233343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:11:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-9476"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:11:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:11:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-2703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2703"
}
],
"notes": [
{
"category": "general",
"text": "The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. \n\nA user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2703",
"url": "https://www.suse.com/security/cve/CVE-2025-2703"
},
{
"category": "external",
"summary": "SUSE Bug 1241687 for CVE-2025-2703",
"url": "https://bugzilla.suse.com/1241687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:11:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-2703"
},
{
"cve": "CVE-2025-29923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-29923"
}
],
"notes": [
{
"category": "general",
"text": "go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when `CLIENT SETINFO` times out during connection establishment. This can happen when the client is configured to transmit its identity, there are network connectivity issues, or the client was configured with aggressive timeouts. The problem occurs for multiple use cases. For sticky connections, you receive persistent out-of-order responses for the lifetime of the connection. All commands in the pipeline receive incorrect responses. When used with the default ConnPool once a connection is returned after use with ConnPool#Put the read buffer will be checked and the connection will be marked as bad due to the unread data. This means that at most one out-of-order response before the connection is discarded. This issue is fixed in 9.5.5, 9.6.3, and 9.7.3. You can prevent the vulnerability by setting the flag DisableIndentity to true when constructing the client instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-29923",
"url": "https://www.suse.com/security/cve/CVE-2025-29923"
},
{
"category": "external",
"summary": "SUSE Bug 1241152 for CVE-2025-29923",
"url": "https://bugzilla.suse.com/1241152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:11:23Z",
"details": "low"
}
],
"title": "CVE-2025-29923"
},
{
"cve": "CVE-2025-3454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3454"
}
],
"notes": [
{
"category": "general",
"text": "This vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3454",
"url": "https://www.suse.com/security/cve/CVE-2025-3454"
},
{
"category": "external",
"summary": "SUSE Bug 1241683 for CVE-2025-3454",
"url": "https://bugzilla.suse.com/1241683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.4-150000.3.62.2.x86_64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.5.5-150000.1.79.1.x86_64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:11:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-3454"
}
]
}
SUSE-SU-2025:01985-1
Vulnerability from csaf_suse - Published: 2025-06-18 02:07 - Updated: 2025-06-18 02:07Summary
Security update 4.3.15 for Multi-Linux Manager Server
Notes
Title of the patch
Security update 4.3.15 for Multi-Linux Manager Server
Description of the patch
This update fixes the following issues:
release-notes-susemanager:
- Update to SUSE Manager 4.3.15.2
* SUSE Manager 4.3 will transition to LTS after June 2025
* CVE Fixed
CVE-2023-45288, CVE-2024-11741, CVE-2024-45337, CVE-2024-45339
CVE-2024-51744, CVE-2024-9264, CVE-2024-9476, CVE-2025-22870
CVE-2025-22872, CVE-2025-2703 CVE-2025-27144, CVE-2025-3454
CVE-2025-3580, CVE-2025-4123, CVE-2024-47535
Patchnames
SUSE-2025-1985,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1985
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 4.3.15 for Multi-Linux Manager Server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\nrelease-notes-susemanager:\n\n- Update to SUSE Manager 4.3.15.2\n * SUSE Manager 4.3 will transition to LTS after June 2025\n * CVE Fixed\n CVE-2023-45288, CVE-2024-11741, CVE-2024-45337, CVE-2024-45339\n CVE-2024-51744, CVE-2024-9264, CVE-2024-9476, CVE-2025-22870\n CVE-2025-22872, CVE-2025-2703 CVE-2025-27144, CVE-2025-3454\n CVE-2025-3580, CVE-2025-4123, CVE-2024-47535\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1985,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1985",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01985-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01985-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501985-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01985-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040353.html"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11741 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45337 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45339 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47535 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-51744 page",
"url": "https://www.suse.com/security/cve/CVE-2024-51744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9476 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3454 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3580 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4123 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4123/"
}
],
"title": "Security update 4.3.15 for Multi-Linux Manager Server",
"tracking": {
"current_release_date": "2025-06-18T02:07:51Z",
"generator": {
"date": "2025-06-18T02:07:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01985-1",
"initial_release_date": "2025-06-18T02:07:51Z",
"revision_history": [
{
"date": "2025-06-18T02:07:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch",
"product": {
"name": "release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch",
"product_id": "release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
},
"product_reference": "release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2024-11741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11741"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \nThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11741",
"url": "https://www.suse.com/security/cve/CVE-2024-11741"
},
{
"category": "external",
"summary": "SUSE Bug 1236734 for CVE-2024-11741",
"url": "https://bugzilla.suse.com/1236734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-11741"
},
{
"cve": "CVE-2024-45337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45337"
}
],
"notes": [
{
"category": "general",
"text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45337",
"url": "https://www.suse.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "SUSE Bug 1234482 for CVE-2024-45337",
"url": "https://bugzilla.suse.com/1234482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "important"
}
],
"title": "CVE-2024-45337"
},
{
"cve": "CVE-2024-45339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45339"
}
],
"notes": [
{
"category": "general",
"text": "When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process\u0027s log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45339",
"url": "https://www.suse.com/security/cve/CVE-2024-45339"
},
{
"category": "external",
"summary": "SUSE Bug 1236541 for CVE-2024-45339",
"url": "https://bugzilla.suse.com/1236541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "important"
}
],
"title": "CVE-2024-45339"
},
{
"cve": "CVE-2024-47535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47535"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers \u0026 clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47535",
"url": "https://www.suse.com/security/cve/CVE-2024-47535"
},
{
"category": "external",
"summary": "SUSE Bug 1233297 for CVE-2024-47535",
"url": "https://bugzilla.suse.com/1233297"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-47535"
},
{
"cve": "CVE-2024-51744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-51744"
}
],
"notes": [
{
"category": "general",
"text": "golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they will ignore the embedded `jwt.ErrTokenSignatureInvalid` and thus potentially accept invalid tokens. A fix has been back-ported with the error handling logic from the `v5` branch to the `v4` branch. In this logic, the `ParseWithClaims` function will immediately return in \"dangerous\" situations (e.g., an invalid signature), limiting the combined errors only to situations where the signature is valid, but further validation failed (e.g., if the signature is valid, but is expired AND has the wrong audience). This fix is part of the 4.5.1 release. We are aware that this changes the behaviour of an established function and is not 100 % backwards compatible, so updating to 4.5.1 might break your code. In case you cannot update to 4.5.0, please make sure that you are properly checking for all errors (\"dangerous\" ones first), so that you are not running in the case detailed above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-51744",
"url": "https://www.suse.com/security/cve/CVE-2024-51744"
},
{
"category": "external",
"summary": "SUSE Bug 1232936 for CVE-2024-51744",
"url": "https://bugzilla.suse.com/1232936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-51744"
},
{
"cve": "CVE-2024-9264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9264"
}
],
"notes": [
{
"category": "general",
"text": "The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana\u0027s $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9264",
"url": "https://www.suse.com/security/cve/CVE-2024-9264"
},
{
"category": "external",
"summary": "SUSE Bug 1231844 for CVE-2024-9264",
"url": "https://bugzilla.suse.com/1231844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "critical"
}
],
"title": "CVE-2024-9264"
},
{
"cve": "CVE-2024-9476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9476"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9476",
"url": "https://www.suse.com/security/cve/CVE-2024-9476"
},
{
"category": "external",
"summary": "SUSE Bug 1233343 for CVE-2024-9476",
"url": "https://bugzilla.suse.com/1233343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-9476"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-2703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2703"
}
],
"notes": [
{
"category": "general",
"text": "The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. \n\nA user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2703",
"url": "https://www.suse.com/security/cve/CVE-2025-2703"
},
{
"category": "external",
"summary": "SUSE Bug 1241687 for CVE-2025-2703",
"url": "https://bugzilla.suse.com/1241687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-2703"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
},
{
"cve": "CVE-2025-3454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3454"
}
],
"notes": [
{
"category": "general",
"text": "This vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3454",
"url": "https://www.suse.com/security/cve/CVE-2025-3454"
},
{
"category": "external",
"summary": "SUSE Bug 1241683 for CVE-2025-3454",
"url": "https://bugzilla.suse.com/1241683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-3454"
},
{
"cve": "CVE-2025-3580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3580"
}
],
"notes": [
{
"category": "general",
"text": "An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint.\n\nThe vulnerability can be exploited when:\n\n1. An Organization administrator exists\n\n2. The Server administrator is either:\n\n - Not part of any organization, or\n - Part of the same organization as the Organization administrator\nImpact:\n\n- Organization administrators can permanently delete Server administrator accounts\n\n- If the only Server administrator is deleted, the Grafana instance becomes unmanageable\n\n- No super-user permissions remain in the system\n\n- Affects all users, organizations, and teams managed in the instance\n\nThe vulnerability is particularly serious as it can lead to a complete loss of administrative control over the Grafana instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3580",
"url": "https://www.suse.com/security/cve/CVE-2025-3580"
},
{
"category": "external",
"summary": "SUSE Bug 1243672 for CVE-2025-3580",
"url": "https://bugzilla.suse.com/1243672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-3580"
},
{
"cve": "CVE-2025-4123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4123"
}
],
"notes": [
{
"category": "general",
"text": "A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is installed, it is possible to exploit the open redirect to achieve a full read SSRF.\n\nThe default Content-Security-Policy (CSP) in Grafana will block the XSS though the `connect-src` directive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4123",
"url": "https://www.suse.com/security/cve/CVE-2025-4123"
},
{
"category": "external",
"summary": "SUSE Bug 1243714 for CVE-2025-4123",
"url": "https://bugzilla.suse.com/1243714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.15.2-150400.3.133.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:07:51Z",
"details": "important"
}
],
"title": "CVE-2025-4123"
}
]
}
SUSE-SU-2025:01940-1
Vulnerability from csaf_suse - Published: 2025-06-13 07:20 - Updated: 2025-06-13 07:20Summary
Security update for kubernetes1.23
Notes
Title of the patch
Security update for kubernetes1.23
Description of the patch
This update for kubernetes1.23 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-1940,openSUSE-SLE-15.6-2025-1940
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.23",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.23 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1940,openSUSE-SLE-15.6-2025-1940",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01940-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01940-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501940-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01940-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040275.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.23",
"tracking": {
"current_release_date": "2025-06-13T07:20:45Z",
"generator": {
"date": "2025-06-13T07:20:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01940-1",
"initial_release_date": "2025-06-13T07:20:45Z",
"revision_history": [
{
"date": "2025-06-13T07:20:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch",
"product": {
"name": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch",
"product_id": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch",
"product": {
"name": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch",
"product_id": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch"
},
"product_reference": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch"
},
"product_reference": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x",
"openSUSE Leap 15.6:kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-13T07:20:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02289-2
Vulnerability from csaf_suse - Published: 2025-07-16 15:47 - Updated: 2025-07-16 15:47Summary
Security update for docker
Notes
Title of the patch
Security update for docker
Description of the patch
This update for docker fixes the following issues:
Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):
- CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials
allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765)
- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).
Other fixes:
- Update to docker-buildx v0.22.0.
- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).
- Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534)
- Now that the only blocker for docker-buildx support was removed for SLE-16,
enable docker-buildx for SLE-16 as well. (jsc#PED-8905)
- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).
Patchnames
SUSE-2025-2289,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2289,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2289,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2289,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2289,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2289,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2289,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2289,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2289,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2289,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2289,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2289,SUSE-Storage-7.1-2025-2289
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\nUpdate to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):\n\n- CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials \n allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765)\n- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).\n\nOther fixes: \n \n- Update to docker-buildx v0.22.0.\n- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).\n- Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534)\n- Now that the only blocker for docker-buildx support was removed for SLE-16,\n enable docker-buildx for SLE-16 as well. (jsc#PED-8905)\n- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2289,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2289,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2289,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2289,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2289,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2289,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2289,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2289,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2289,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2289,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2289,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2289,SUSE-Storage-7.1-2025-2289",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02289-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02289-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502289-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02289-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040739.html"
},
{
"category": "self",
"summary": "SUSE Bug 1239765",
"url": "https://bugzilla.suse.com/1239765"
},
{
"category": "self",
"summary": "SUSE Bug 1240150",
"url": "https://bugzilla.suse.com/1240150"
},
{
"category": "self",
"summary": "SUSE Bug 1241830",
"url": "https://bugzilla.suse.com/1241830"
},
{
"category": "self",
"summary": "SUSE Bug 1242114",
"url": "https://bugzilla.suse.com/1242114"
},
{
"category": "self",
"summary": "SUSE Bug 1243833",
"url": "https://bugzilla.suse.com/1243833"
},
{
"category": "self",
"summary": "SUSE Bug 1244035",
"url": "https://bugzilla.suse.com/1244035"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0495 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-07-16T15:47:57Z",
"generator": {
"date": "2025-07-16T15:47:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02289-2",
"initial_release_date": "2025-07-16T15:47:57Z",
"revision_history": [
{
"date": "2025-07-16T15:47:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.aarch64",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64",
"product_id": "docker-28.2.2_ce-150000.227.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.i586",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.i586",
"product_id": "docker-28.2.2_ce-150000.227.1.i586"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.i586",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.i586",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"product": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"product_id": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"product": {
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"product_id": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"product": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"product_id": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"product": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"product_id": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"product": {
"name": "docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch",
"product_id": "docker-stable-fish-completion-24.0.9_ce-150000.1.22.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"product": {
"name": "docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch",
"product_id": "docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"product": {
"name": "docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch",
"product_id": "docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.2.2_ce-150000.227.1.noarch",
"product": {
"name": "docker-zsh-completion-28.2.2_ce-150000.227.1.noarch",
"product_id": "docker-zsh-completion-28.2.2_ce-150000.227.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.ppc64le",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le",
"product_id": "docker-28.2.2_ce-150000.227.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.s390x",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.s390x",
"product_id": "docker-28.2.2_ce-150000.227.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-150000.227.1.x86_64",
"product": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64",
"product_id": "docker-28.2.2_ce-150000.227.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"product": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"product_id": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.s390x"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-150000.227.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-150000.227.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-bash-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-fish-completion-28.2.2_ce-150000.227.1.noarch"
},
"product_reference": "docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0495"
}
],
"notes": [
{
"category": "general",
"text": "Buildx is a Docker CLI plugin that extends build capabilities using BuildKit.\n\nCache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry traces as part of the arguments and flags for the traced CLI command. OpenTelemetry traces are also saved in BuildKit daemon\u0027s history records.\n\n\nThis vulnerability does not impact secrets passed to the Github cache backend via environment variables or registry authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0495",
"url": "https://www.suse.com/security/cve/CVE-2025-0495"
},
{
"category": "external",
"summary": "SUSE Bug 1239765 for CVE-2025-0495",
"url": "https://bugzilla.suse.com/1239765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T15:47:57Z",
"details": "moderate"
}
],
"title": "CVE-2025-0495"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.2.2_ce-150000.227.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.2.2_ce-150000.227.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-24.0.9_ce-150000.1.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-stable-bash-completion-24.0.9_ce-150000.1.22.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T15:47:57Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02366-2
Vulnerability from csaf_suse - Published: 2025-07-30 07:52 - Updated: 2025-07-30 07:52Summary
Security update for docker
Notes
Title of the patch
Security update for docker
Description of the patch
This update for docker fixes the following issues:
Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):
- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).
Other bugfixes:
- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).
- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).
Patchnames
SUSE-2025-2366,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2366
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\nUpdate to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):\n\n- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).\n\nOther bugfixes:\n\n- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).\n- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2366,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2366",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02366-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02366-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502366-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02366-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040952.html"
},
{
"category": "self",
"summary": "SUSE Bug 1240150",
"url": "https://bugzilla.suse.com/1240150"
},
{
"category": "self",
"summary": "SUSE Bug 1241830",
"url": "https://bugzilla.suse.com/1241830"
},
{
"category": "self",
"summary": "SUSE Bug 1242114",
"url": "https://bugzilla.suse.com/1242114"
},
{
"category": "self",
"summary": "SUSE Bug 1243833",
"url": "https://bugzilla.suse.com/1243833"
},
{
"category": "self",
"summary": "SUSE Bug 1244035",
"url": "https://bugzilla.suse.com/1244035"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-07-30T07:52:22Z",
"generator": {
"date": "2025-07-30T07:52:22Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02366-2",
"initial_release_date": "2025-07-30T07:52:22Z",
"revision_history": [
{
"date": "2025-07-30T07:52:22Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.aarch64",
"product": {
"name": "docker-28.2.2_ce-98.134.1.aarch64",
"product_id": "docker-28.2.2_ce-98.134.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.i586",
"product": {
"name": "docker-28.2.2_ce-98.134.1.i586",
"product_id": "docker-28.2.2_ce-98.134.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-28.2.2_ce-98.134.1.noarch",
"product": {
"name": "docker-bash-completion-28.2.2_ce-98.134.1.noarch",
"product_id": "docker-bash-completion-28.2.2_ce-98.134.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.2.2_ce-98.134.1.noarch",
"product": {
"name": "docker-fish-completion-28.2.2_ce-98.134.1.noarch",
"product_id": "docker-fish-completion-28.2.2_ce-98.134.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.2.2_ce-98.134.1.noarch",
"product": {
"name": "docker-rootless-extras-28.2.2_ce-98.134.1.noarch",
"product_id": "docker-rootless-extras-28.2.2_ce-98.134.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.2.2_ce-98.134.1.noarch",
"product": {
"name": "docker-zsh-completion-28.2.2_ce-98.134.1.noarch",
"product_id": "docker-zsh-completion-28.2.2_ce-98.134.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.ppc64le",
"product": {
"name": "docker-28.2.2_ce-98.134.1.ppc64le",
"product_id": "docker-28.2.2_ce-98.134.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.s390x",
"product": {
"name": "docker-28.2.2_ce-98.134.1.s390x",
"product_id": "docker-28.2.2_ce-98.134.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.x86_64",
"product": {
"name": "docker-28.2.2_ce-98.134.1.x86_64",
"product_id": "docker-28.2.2_ce-98.134.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-98.134.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.aarch64"
},
"product_reference": "docker-28.2.2_ce-98.134.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-98.134.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.ppc64le"
},
"product_reference": "docker-28.2.2_ce-98.134.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-98.134.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.s390x"
},
"product_reference": "docker-28.2.2_ce-98.134.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-98.134.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-98.134.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-98.134.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.2.2_ce-98.134.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-98.134.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.2.2_ce-98.134.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.2.2_ce-98.134.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.2.2_ce-98.134.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.2.2_ce-98.134.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-30T07:52:22Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:03278-1
Vulnerability from csaf_suse - Published: 2025-09-19 13:42 - Updated: 2025-09-19 13:42Summary
Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container
Notes
Title of the patch
Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container
Description of the patch
This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues:
This update for kubevirt updates golang.org/x/net to 0.38.0, fixing security issues (CVE-2025-22872, CVE-2024-45337, CVE-2024-45338, bsc#1234537, bsc#1235303, bsc#1241772)
and also rebuilds it against current GO.
Patchnames
SUSE-2025-3278,SUSE-SLE-Module-Containers-15-SP6-2025-3278,openSUSE-SLE-15.6-2025-3278
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues:\n\nThis update for kubevirt updates golang.org/x/net to 0.38.0, fixing security issues (CVE-2025-22872, CVE-2024-45337, CVE-2024-45338, bsc#1234537, bsc#1235303, bsc#1241772)\nand also rebuilds it against current GO.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3278,SUSE-SLE-Module-Containers-15-SP6-2025-3278,openSUSE-SLE-15.6-2025-3278",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03278-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03278-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503278-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03278-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041779.html"
},
{
"category": "self",
"summary": "SUSE Bug 1234537",
"url": "https://bugzilla.suse.com/1234537"
},
{
"category": "self",
"summary": "SUSE Bug 1235303",
"url": "https://bugzilla.suse.com/1235303"
},
{
"category": "self",
"summary": "SUSE Bug 1241772",
"url": "https://bugzilla.suse.com/1241772"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45337 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container",
"tracking": {
"current_release_date": "2025-09-19T13:42:08Z",
"generator": {
"date": "2025-09-19T13:42:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03278-1",
"initial_release_date": "2025-09-19T13:42:08Z",
"revision_history": [
{
"date": "2025-09-19T13:42:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-container-disk-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-container-disk-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-container-disk-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-manifests-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-tests-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-tests-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-tests-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-api-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-virt-api-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-virt-api-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-controller-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-virt-controller-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-virt-controller-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportserver-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-virt-exportserver-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-virt-exportserver-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-handler-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-virt-handler-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-virt-handler-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-launcher-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-virt-launcher-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-virt-launcher-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-operator-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-virt-operator-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-virt-operator-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"product_id": "kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.aarch64",
"product": {
"name": "obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.aarch64",
"product_id": "obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-manifests-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-tests-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"product_id": "kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64",
"product": {
"name": "obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64",
"product_id": "obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.4.1-150600.5.24.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64"
},
"product_reference": "kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.4.1-150600.5.24.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64"
},
"product_reference": "kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.4.1-150600.5.24.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64"
},
"product_reference": "kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-tests-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64"
},
"product_reference": "kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
},
"product_reference": "obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45337"
}
],
"notes": [
{
"category": "general",
"text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45337",
"url": "https://www.suse.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "SUSE Bug 1234482 for CVE-2024-45337",
"url": "https://bugzilla.suse.com/1234482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-19T13:42:08Z",
"details": "important"
}
],
"title": "CVE-2024-45337"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-19T13:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-container-disk-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-manifests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-pr-helper-conf-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-tests-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-api-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-controller-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportproxy-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-exportserver-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-handler-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-launcher-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virt-operator-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.aarch64",
"openSUSE Leap 15.6:kubevirt-virtctl-1.4.1-150600.5.24.1.x86_64",
"openSUSE Leap 15.6:obs-service-kubevirt_containers_meta-1.4.1-150600.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-19T13:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:20510-1
Vulnerability from csaf_suse - Published: 2025-07-28 14:33 - Updated: 2025-07-28 14:33Summary
Security update for docker
Notes
Title of the patch
Security update for docker
Description of the patch
This update for docker fixes the following issues:
- Update to Go 1.24 for builds, to match upstream.
- Update to Docker 28.3.2-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2832>
- Update to Docker 28.3.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2831>
- Update to Docker 28.3.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2830>
bsc#1246556
- Update to docker-buildx v0.25.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.25.0>
- CVE-2025-22872: golang.org/x/net/html: Fixed incorrectly interpreted tags
causing content to be placed wrong scope during DOM construction (bsc#1241830)
- Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as
Docker does not have permission to access the host zypper credentials in this
mode (and unprivileged users cannot disable the feature using
/etc/docker/suse-secrets-enable.) bsc#1240150
- Always clear SUSEConnect suse_* secrets when starting containers regardless
of whether the daemon was built with SUSEConnect support. Not doing this
causes containers from SUSEConnect-enabled daemons to fail to start when
running with SUSEConnect-disabled (i.e. upstream) daemons.
This was a long-standing issue with our secrets support but until recently
this would've required migrating from SLE packages to openSUSE packages
(which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move
away from in-built SUSEConnect support, this is now a practical issue users
will run into. bsc#1244035
Patchnames
SUSE-SLE-Micro-6.0-398
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\n- Update to Go 1.24 for builds, to match upstream.\n\n- Update to Docker 28.3.2-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2832\u003e\n\n- Update to Docker 28.3.1-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2831\u003e\n\n- Update to Docker 28.3.0-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2830\u003e\n bsc#1246556\n\n- Update to docker-buildx v0.25.0. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.25.0\u003e\n\n- CVE-2025-22872: golang.org/x/net/html: Fixed incorrectly interpreted tags \n causing content to be placed wrong scope during DOM construction (bsc#1241830) \n\n- Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as\n Docker does not have permission to access the host zypper credentials in this\n mode (and unprivileged users cannot disable the feature using\n /etc/docker/suse-secrets-enable.) bsc#1240150\n\n- Always clear SUSEConnect suse_* secrets when starting containers regardless\n of whether the daemon was built with SUSEConnect support. Not doing this\n causes containers from SUSEConnect-enabled daemons to fail to start when\n running with SUSEConnect-disabled (i.e. upstream) daemons.\n\n This was a long-standing issue with our secrets support but until recently\n this would\u0027ve required migrating from SLE packages to openSUSE packages\n (which wasn\u0027t supported). However, as SLE Micro 6.x and SLES 16 will move\n away from in-built SUSEConnect support, this is now a practical issue users\n will run into. bsc#1244035\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-398",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20510-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20510-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520510-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20510-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041041.html"
},
{
"category": "self",
"summary": "SUSE Bug 1240150",
"url": "https://bugzilla.suse.com/1240150"
},
{
"category": "self",
"summary": "SUSE Bug 1241830",
"url": "https://bugzilla.suse.com/1241830"
},
{
"category": "self",
"summary": "SUSE Bug 1242114",
"url": "https://bugzilla.suse.com/1242114"
},
{
"category": "self",
"summary": "SUSE Bug 1243833",
"url": "https://bugzilla.suse.com/1243833"
},
{
"category": "self",
"summary": "SUSE Bug 1244035",
"url": "https://bugzilla.suse.com/1244035"
},
{
"category": "self",
"summary": "SUSE Bug 1246556",
"url": "https://bugzilla.suse.com/1246556"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-07-28T14:33:11Z",
"generator": {
"date": "2025-07-28T14:33:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20510-1",
"initial_release_date": "2025-07-28T14:33:11Z",
"revision_history": [
{
"date": "2025-07-28T14:33:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.2_ce-5.1.aarch64",
"product": {
"name": "docker-28.3.2_ce-5.1.aarch64",
"product_id": "docker-28.3.2_ce-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.25.0-5.1.aarch64",
"product": {
"name": "docker-buildx-0.25.0-5.1.aarch64",
"product_id": "docker-buildx-0.25.0-5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.2_ce-5.1.s390x",
"product": {
"name": "docker-28.3.2_ce-5.1.s390x",
"product_id": "docker-28.3.2_ce-5.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.25.0-5.1.s390x",
"product": {
"name": "docker-buildx-0.25.0-5.1.s390x",
"product_id": "docker-buildx-0.25.0-5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.2_ce-5.1.x86_64",
"product": {
"name": "docker-28.3.2_ce-5.1.x86_64",
"product_id": "docker-28.3.2_ce-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.25.0-5.1.x86_64",
"product": {
"name": "docker-buildx-0.25.0-5.1.x86_64",
"product_id": "docker-buildx-0.25.0-5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.2_ce-5.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.aarch64"
},
"product_reference": "docker-28.3.2_ce-5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.2_ce-5.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.s390x"
},
"product_reference": "docker-28.3.2_ce-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.2_ce-5.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.x86_64"
},
"product_reference": "docker-28.3.2_ce-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.25.0-5.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.aarch64"
},
"product_reference": "docker-buildx-0.25.0-5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.25.0-5.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.s390x"
},
"product_reference": "docker-buildx-0.25.0-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.25.0-5.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.x86_64"
},
"product_reference": "docker-buildx-0.25.0-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.aarch64",
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.s390x",
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.x86_64",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.aarch64",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.s390x",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.aarch64",
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.s390x",
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.x86_64",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.aarch64",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.s390x",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.aarch64",
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.s390x",
"SUSE Linux Micro 6.0:docker-28.3.2_ce-5.1.x86_64",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.aarch64",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.s390x",
"SUSE Linux Micro 6.0:docker-buildx-0.25.0-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-28T14:33:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:01940-2
Vulnerability from csaf_suse - Published: 2025-08-14 13:02 - Updated: 2025-08-14 13:02Summary
Security update for kubernetes1.23
Notes
Title of the patch
Security update for kubernetes1.23
Description of the patch
This update for kubernetes1.23 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-1940,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1940,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1940,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1940,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1940
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.23",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.23 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1940,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1940,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1940,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1940,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1940",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01940-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01940-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501940-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01940-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041217.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.23",
"tracking": {
"current_release_date": "2025-08-14T13:02:12Z",
"generator": {
"date": "2025-08-14T13:02:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01940-2",
"initial_release_date": "2025-08-14T13:02:12Z",
"revision_history": [
{
"date": "2025-08-14T13:02:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch",
"product": {
"name": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch",
"product_id": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.21.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch",
"product": {
"name": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch",
"product_id": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.21.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-14T13:02:12Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02366-1
Vulnerability from csaf_suse - Published: 2025-07-18 12:08 - Updated: 2025-07-18 12:08Summary
Security update for docker
Notes
Title of the patch
Security update for docker
Description of the patch
This update for docker fixes the following issues:
Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):
- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).
Other bugfixes:
- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).
- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).
Patchnames
SUSE-2025-2366,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2366
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\nUpdate to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):\n\n- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).\n\nOther bugfixes:\n\n- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).\n- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2366,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2366",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02366-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02366-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502366-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02366-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040783.html"
},
{
"category": "self",
"summary": "SUSE Bug 1240150",
"url": "https://bugzilla.suse.com/1240150"
},
{
"category": "self",
"summary": "SUSE Bug 1241830",
"url": "https://bugzilla.suse.com/1241830"
},
{
"category": "self",
"summary": "SUSE Bug 1242114",
"url": "https://bugzilla.suse.com/1242114"
},
{
"category": "self",
"summary": "SUSE Bug 1243833",
"url": "https://bugzilla.suse.com/1243833"
},
{
"category": "self",
"summary": "SUSE Bug 1244035",
"url": "https://bugzilla.suse.com/1244035"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-07-18T12:08:51Z",
"generator": {
"date": "2025-07-18T12:08:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02366-1",
"initial_release_date": "2025-07-18T12:08:51Z",
"revision_history": [
{
"date": "2025-07-18T12:08:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.aarch64",
"product": {
"name": "docker-28.2.2_ce-98.134.1.aarch64",
"product_id": "docker-28.2.2_ce-98.134.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.i586",
"product": {
"name": "docker-28.2.2_ce-98.134.1.i586",
"product_id": "docker-28.2.2_ce-98.134.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-28.2.2_ce-98.134.1.noarch",
"product": {
"name": "docker-bash-completion-28.2.2_ce-98.134.1.noarch",
"product_id": "docker-bash-completion-28.2.2_ce-98.134.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.2.2_ce-98.134.1.noarch",
"product": {
"name": "docker-fish-completion-28.2.2_ce-98.134.1.noarch",
"product_id": "docker-fish-completion-28.2.2_ce-98.134.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.2.2_ce-98.134.1.noarch",
"product": {
"name": "docker-rootless-extras-28.2.2_ce-98.134.1.noarch",
"product_id": "docker-rootless-extras-28.2.2_ce-98.134.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.2.2_ce-98.134.1.noarch",
"product": {
"name": "docker-zsh-completion-28.2.2_ce-98.134.1.noarch",
"product_id": "docker-zsh-completion-28.2.2_ce-98.134.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.ppc64le",
"product": {
"name": "docker-28.2.2_ce-98.134.1.ppc64le",
"product_id": "docker-28.2.2_ce-98.134.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.s390x",
"product": {
"name": "docker-28.2.2_ce-98.134.1.s390x",
"product_id": "docker-28.2.2_ce-98.134.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.2.2_ce-98.134.1.x86_64",
"product": {
"name": "docker-28.2.2_ce-98.134.1.x86_64",
"product_id": "docker-28.2.2_ce-98.134.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.2.2_ce-98.134.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.2.2_ce-98.134.1.x86_64"
},
"product_reference": "docker-28.2.2_ce-98.134.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.2.2_ce-98.134.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.2.2_ce-98.134.1.noarch"
},
"product_reference": "docker-bash-completion-28.2.2_ce-98.134.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.2.2_ce-98.134.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.2.2_ce-98.134.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.2.2_ce-98.134.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.2.2_ce-98.134.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.2.2_ce-98.134.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.2.2_ce-98.134.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:08:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:02336-1
Vulnerability from csaf_suse - Published: 2025-07-16 14:50 - Updated: 2025-07-16 14:50Summary
Security update for kubernetes1.27
Notes
Title of the patch
Security update for kubernetes1.27
Description of the patch
This update for kubernetes1.27 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-2336,SUSE-SLE-Module-Containers-15-SP6-2025-2336,openSUSE-SLE-15.6-2025-2336
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.27",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.27 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2336,SUSE-SLE-Module-Containers-15-SP6-2025-2336,openSUSE-SLE-15.6-2025-2336",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02336-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02336-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502336-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02336-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040741.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.27",
"tracking": {
"current_release_date": "2025-07-16T14:50:25Z",
"generator": {
"date": "2025-07-16T14:50:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02336-1",
"initial_release_date": "2025-07-16T14:50:25Z",
"revision_history": [
{
"date": "2025-07-16T14:50:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64",
"product": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64",
"product_id": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch",
"product": {
"name": "kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch",
"product_id": "kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch",
"product": {
"name": "kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch",
"product_id": "kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le",
"product": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le",
"product_id": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-client-1.27.16-150400.9.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x",
"product": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x",
"product_id": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64",
"product": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64",
"product_id": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch"
},
"product_reference": "kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch"
},
"product_reference": "kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64"
},
"product_reference": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le"
},
"product_reference": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x"
},
"product_reference": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64"
},
"product_reference": "kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-apiserver-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-client-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-bash-completion-1.27.16-150400.9.16.1.noarch",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-client-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-client-fish-completion-1.27.16-150400.9.16.1.noarch",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-controller-manager-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubeadm-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-kubelet-common-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-proxy-1.27.16-150400.9.16.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.s390x",
"openSUSE Leap 15.6:kubernetes1.27-scheduler-1.27.16-150400.9.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-16T14:50:25Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
SUSE-SU-2025:20516-1
Vulnerability from csaf_suse - Published: 2025-07-30 09:27 - Updated: 2025-07-30 09:27Summary
Security update for helm
Notes
Title of the patch
Security update for helm
Description of the patch
This update for helm fixes the following issues:
Update to version 3.18.4 (bsc#1246152, CVE-2025-53547):
* Disabling linter due to unknown issue f20a4ad (Matt Farina)
* build(deps): bump the k8s-io group with 7 updates 563b094
(dependabot[bot])
* Updating link handling 00de613 (Matt Farina)
Update to version 3.18.3:
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
6838ebc (dependabot[bot])
* fix: user username password for login 5b9e2f6 (Terry Howe)
* Update pkg/registry/transport.go 2782412 (Terry Howe)
* Update pkg/registry/transport.go e66cf6a (Terry Howe)
* fix: add debug logging to oci transport 191f05c (Terry Howe)
Update to version 3.18.2:
* fix: legacy docker support broken for login 04cad46 (Terry
Howe)
* Handle an empty registry config file. bc9f8a2 (Matt Farina)
Update to version 3.18.1:
* Notes:
- This release fixes regressions around template generation and
OCI registry interaction in 3.18.0
- There are at least 2 known regressions unaddressed in this
release. They are being worked on.
- Empty registry configuration files. When the file exists
but it is empty.
- Login to Docker Hub on some domains fails.
* Changelog
- fix(client): skipnode utilization for PreCopy
- fix(client): layers now returns manifest - remove duplicate
from descriptors
- fix(client): return nil on non-allowed media types
- Prevent fetching newReference again as we have in calling
method
- Prevent failure when resolving version tags in oras memory
store
- Update pkg/plugin/plugin.go
- Update pkg/plugin/plugin.go
- Wait for Helm v4 before raising when platformCommand and
Command are set
- Fix 3.18.0 regression: registry login with scheme
- Revert "fix (helm) : toToml` renders int as float [ backport
to v3 ]"
Update to version 3.18.0 (bsc#1241802, CVE-2025-22872):
* Notable Changes:
- Add support for JSON Schema 2020
- Enabled cpu and memory profiling
- Add hook annotation to output hook logs to client on error
* Changelog:
- build(deps): bump the k8s-io group with 7 updates
- fix: govulncheck workflow
- bump version to v3.18.0
- fix:add proxy support when mTLS configured
- docs: Note about http fallback for OCI registries
- Bump net package to avoid CVE on dev-v3
- Bump toml
- backport #30677to dev3
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to
1.8.0
- Add install test for TakeOwnership flag
- Fix --take-ownership
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to
1.7.2
- build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0
- build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0
- Testing text bump
- Permit more Go version and not only 1.23.8
- Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3
to 3.0.0
- Unarchiving fix
- Fix typo
- Report as debug log, the time spent waiting for resources
- build(deps): bump github.com/containerd/containerd from
1.7.26 to 1.7.27
- Update pkg/registry/fallback.go
- automatic fallback to http
- chore(oci): upgrade to ORAS v2
- Updating to 0.37.0 for x/net
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0
- build(deps): bump github.com/opencontainers/image-spec
- build(deps): bump github.com/containerd/containerd from
1.7.25 to 1.7.26
- build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0
- Fix cherry-pick helm.sh/helm/v4 -> helm.sh/helm/v3
- Refactor based on review comment
- Refactor based on review comment
- Add HookOutputFunc and generic yaml unmarshaller
- clarify fix error message
- fix err check
- remove comments about previous functionality
- add short circuit return
- Update based on review comments
- Update based on review comments
- Fix lint
- Tidy up imports
- Add hook annotations to output pod logs to client on success
and fail
- chore: use []error instead of []string
- Update cmd/helm/profiling.go
- chore: update profiling doc in CONTRIBUTING.md
- Update CONTRIBUTING guide
- Prefer environment variables to CLI flags
- Fix linter warning
- Move pprof paths to HELM_PPROF env variable
- Update CONTRIBUTING.md
- Update CONTRIBUTING.md
- Additional review fixes from PR
- feat: Add flags to enable CPU and memory profiling
- build(deps): bump github.com/distribution/distribution/v3
- build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
- Moving to SetOut and SetErr for Cobra
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0
- build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0
- build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0
- build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
- build(deps): bump github.com/cyphar/filepath-securejoin
- build(deps): bump github.com/evanphx/json-patch
- build(deps): bump the k8s-io group with 7 updates
- fix: check group for resource info match
- Bump github.com/cyphar/filepath-securejoin from 0.3.6 to
0.4.0
- add test for nullifying nested global value
- Ensuring the file paths are clean prior to passing to
securejoin
- Bump github.com/containerd/containerd from 1.7.24 to 1.7.25
- Bump golang.org/x/crypto from 0.31.0 to 0.32.0
- Bump golang.org/x/term from 0.27.0 to 0.28.0
- bump version to v3.17.0
- Bump github.com/moby/term from 0.5.0 to 0.5.2
- Add test case for removing an entire object
- Tests for bugfix: Override subcharts with null values #12879
- feat: Added multi-platform plugin hook support to v3
- This commit fixes the issue where the yaml.Unmarshaller
converts all int values into float64, this passes in option
to decoder, which enables conversion of int into .
- merge null child chart objects
Update to version 3.17.3:
Helm v3.17.3 is a security (patch) release. Users are strongly
recommended to update to this release.
* Changelog
- Unarchiving fix e4da497 (Matt Farina)
Patchnames
SUSE-SLE-Micro-6.0-404
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for helm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for helm fixes the following issues:\n\nUpdate to version 3.18.4 (bsc#1246152, CVE-2025-53547):\n\n * Disabling linter due to unknown issue f20a4ad (Matt Farina)\n * build(deps): bump the k8s-io group with 7 updates 563b094\n (dependabot[bot])\n * Updating link handling 00de613 (Matt Farina)\n\nUpdate to version 3.18.3:\n\n * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0\n 6838ebc (dependabot[bot])\n * fix: user username password for login 5b9e2f6 (Terry Howe)\n * Update pkg/registry/transport.go 2782412 (Terry Howe)\n * Update pkg/registry/transport.go e66cf6a (Terry Howe)\n * fix: add debug logging to oci transport 191f05c (Terry Howe)\n\nUpdate to version 3.18.2:\n\n * fix: legacy docker support broken for login 04cad46 (Terry\n Howe)\n * Handle an empty registry config file. bc9f8a2 (Matt Farina)\n\nUpdate to version 3.18.1:\n\n * Notes:\n - This release fixes regressions around template generation and\n OCI registry interaction in 3.18.0\n - There are at least 2 known regressions unaddressed in this\n release. They are being worked on.\n - Empty registry configuration files. When the file exists\n but it is empty.\n - Login to Docker Hub on some domains fails.\n * Changelog\n - fix(client): skipnode utilization for PreCopy\n - fix(client): layers now returns manifest - remove duplicate\n from descriptors\n - fix(client): return nil on non-allowed media types\n - Prevent fetching newReference again as we have in calling\n method\n - Prevent failure when resolving version tags in oras memory\n store\n - Update pkg/plugin/plugin.go\n - Update pkg/plugin/plugin.go\n - Wait for Helm v4 before raising when platformCommand and\n Command are set\n - Fix 3.18.0 regression: registry login with scheme\n - Revert \"fix (helm) : toToml` renders int as float [ backport\n to v3 ]\"\n\nUpdate to version 3.18.0 (bsc#1241802, CVE-2025-22872):\n\n * Notable Changes:\n\n - Add support for JSON Schema 2020\n - Enabled cpu and memory profiling\n - Add hook annotation to output hook logs to client on error\n\n * Changelog:\n\n - build(deps): bump the k8s-io group with 7 updates\n - fix: govulncheck workflow\n - bump version to v3.18.0\n - fix:add proxy support when mTLS configured\n - docs: Note about http fallback for OCI registries\n - Bump net package to avoid CVE on dev-v3\n - Bump toml\n - backport #30677to dev3\n - build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to\n 1.8.0\n - Add install test for TakeOwnership flag\n - Fix --take-ownership\n - build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to\n 1.7.2\n - build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0\n - build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0\n - Testing text bump\n - Permit more Go version and not only 1.23.8\n - Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3\n to 3.0.0\n - Unarchiving fix\n - Fix typo\n - Report as debug log, the time spent waiting for resources\n - build(deps): bump github.com/containerd/containerd from\n 1.7.26 to 1.7.27\n - Update pkg/registry/fallback.go\n - automatic fallback to http\n - chore(oci): upgrade to ORAS v2\n - Updating to 0.37.0 for x/net\n - build(deps): bump the k8s-io group with 7 updates\n - build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0\n - build(deps): bump github.com/opencontainers/image-spec\n - build(deps): bump github.com/containerd/containerd from\n 1.7.25 to 1.7.26\n - build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0\n - Fix cherry-pick helm.sh/helm/v4 -\u003e helm.sh/helm/v3\n - Refactor based on review comment\n - Refactor based on review comment\n - Add HookOutputFunc and generic yaml unmarshaller\n - clarify fix error message\n - fix err check\n - remove comments about previous functionality\n - add short circuit return\n - Update based on review comments\n - Update based on review comments\n - Fix lint\n - Tidy up imports\n - Add hook annotations to output pod logs to client on success\n and fail\n - chore: use []error instead of []string\n - Update cmd/helm/profiling.go\n - chore: update profiling doc in CONTRIBUTING.md\n - Update CONTRIBUTING guide\n - Prefer environment variables to CLI flags\n - Fix linter warning\n - Move pprof paths to HELM_PPROF env variable\n - Update CONTRIBUTING.md\n - Update CONTRIBUTING.md\n - Additional review fixes from PR\n - feat: Add flags to enable CPU and memory profiling\n - build(deps): bump github.com/distribution/distribution/v3\n - build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1\n - Moving to SetOut and SetErr for Cobra\n - build(deps): bump the k8s-io group with 7 updates\n - build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0\n - build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0\n - build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0\n - build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6\n - build(deps): bump github.com/cyphar/filepath-securejoin\n - build(deps): bump github.com/evanphx/json-patch\n - build(deps): bump the k8s-io group with 7 updates\n - fix: check group for resource info match\n - Bump github.com/cyphar/filepath-securejoin from 0.3.6 to\n 0.4.0\n - add test for nullifying nested global value\n - Ensuring the file paths are clean prior to passing to\n securejoin\n - Bump github.com/containerd/containerd from 1.7.24 to 1.7.25\n - Bump golang.org/x/crypto from 0.31.0 to 0.32.0\n - Bump golang.org/x/term from 0.27.0 to 0.28.0\n - bump version to v3.17.0\n - Bump github.com/moby/term from 0.5.0 to 0.5.2\n - Add test case for removing an entire object\n - Tests for bugfix: Override subcharts with null values #12879\n - feat: Added multi-platform plugin hook support to v3\n - This commit fixes the issue where the yaml.Unmarshaller\n converts all int values into float64, this passes in option\n to decoder, which enables conversion of int into .\n - merge null child chart objects\n\nUpdate to version 3.17.3:\n\n Helm v3.17.3 is a security (patch) release. Users are strongly\n recommended to update to this release.\n\n * Changelog\n - Unarchiving fix e4da497 (Matt Farina)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-404",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20516-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20516-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520516-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20516-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041035.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241802",
"url": "https://bugzilla.suse.com/1241802"
},
{
"category": "self",
"summary": "SUSE Bug 1246152",
"url": "https://bugzilla.suse.com/1246152"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53547 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53547/"
}
],
"title": "Security update for helm",
"tracking": {
"current_release_date": "2025-07-30T09:27:44Z",
"generator": {
"date": "2025-07-30T09:27:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20516-1",
"initial_release_date": "2025-07-30T09:27:44Z",
"revision_history": [
{
"date": "2025-07-30T09:27:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.4-1.1.aarch64",
"product": {
"name": "helm-3.18.4-1.1.aarch64",
"product_id": "helm-3.18.4-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-bash-completion-3.18.4-1.1.noarch",
"product": {
"name": "helm-bash-completion-3.18.4-1.1.noarch",
"product_id": "helm-bash-completion-3.18.4-1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.4-1.1.s390x",
"product": {
"name": "helm-3.18.4-1.1.s390x",
"product_id": "helm-3.18.4-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.4-1.1.x86_64",
"product": {
"name": "helm-3.18.4-1.1.x86_64",
"product_id": "helm-3.18.4-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.4-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:helm-3.18.4-1.1.aarch64"
},
"product_reference": "helm-3.18.4-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.4-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:helm-3.18.4-1.1.s390x"
},
"product_reference": "helm-3.18.4-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.4-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:helm-3.18.4-1.1.x86_64"
},
"product_reference": "helm-3.18.4-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.4-1.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:helm-bash-completion-3.18.4-1.1.noarch"
},
"product_reference": "helm-bash-completion-3.18.4-1.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.18.4-1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.18.4-1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.18.4-1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-30T09:27:44Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-53547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53547"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.18.4-1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53547",
"url": "https://www.suse.com/security/cve/CVE-2025-53547"
},
{
"category": "external",
"summary": "SUSE Bug 1246150 for CVE-2025-53547",
"url": "https://bugzilla.suse.com/1246150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.18.4-1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.18.4-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.18.4-1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-30T09:27:44Z",
"details": "important"
}
],
"title": "CVE-2025-53547"
}
]
}
SUSE-SU-2025:01987-1
Vulnerability from csaf_suse - Published: 2025-06-18 02:09 - Updated: 2025-06-18 02:09Summary
Security update for Multi-Linux Manager Client Tools
Notes
Title of the patch
Security update for Multi-Linux Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-prometheus-prometheus was updated to version 2.53.4:
- Security issues fixed:
* CVE-2023-45288: Require Go >= 1.23 for building (bsc#1236516)
* CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 (bsc#1238686)
- Other bugs fixes from version 2.53.4:
* Runtime: fixed GOGC being set to 0 when installed
with empty prometheus.yml file resulting high cpu usage
* Scrape: fixed dropping valid metrics after previous
scrape failed
prometheus-blackbox_exporter was updated from version 0.24.0 to 0.26.0 (jsc#PED-12872):
- Security issues fixed:
* CVE-2025-22870: Fixed proxy bypassing using IPv6 zone IDs (bsc#1238680)
* CVE-2023-45288: Fixed closing connections when receiving too many headers (bsc#1236515)
- Other changes from version 0.26.0:
* Changes:
+ Replace go-kit/log with log/slog module.
* Features:
+ Add metric to record tls ciphersuite negotiated during
handshake.
+ Add a way to export labels with content matched by the probe.
Reports Certificate Serial number.
* Enhancement:
+ Add stale workflow to start sync with stale.yaml in Prometheus.
* Bug fixes:
+ Only register grpc TLS metrics on successful handshake.
- Other changes from version 0.25.0:
* Features:
+ Allow to get Probe logs by target.
+ Log errors from probe.
* Bug fixes:
+ Prevent logging confusing error message.
+ Explicit registration of internal exporter metrics.
grafana was updated from version 10.4.15 to 11.5.5 (jsc#PED-12918):
- Security issues fixed:
* CVE-2025-4123: Fix cross-site scripting vulnerability (bsc#1243714).
* CVE-2025-22872: Bump golang.org/x/net/html (bsc#1241809)
* CVE-2025-3580: Prevent unauthorized server admin deletion (bsc#1243672).
* CVE-2025-29923: Bump github.com/redis/go-redis/v9 to 9.6.3.
* CVE-2025-3454: Sanitize paths before evaluating access to route (bsc#1241683).
* CVE-2025-2703: Fix built-in XY Chart plugin (bsc#1241687).
* CVE-2025-22870: Bump golang.org/x/net (bsc#1238703).
* CVE-2024-9476: Fix Migration Assistant issue (bsc#1233343)
* CVE-2024-9264: SQL Expressions (bsc#1231844)
* CVE-2023-45288: Bump golang.org/x/net (bsc#1236510)
* CVE-2025-22870: Bump golang.org/x/net to version 0.37.0 (bsc#1238686)
- Potential breaking changes in version 11.5.0:
* Loki: Default to /labels API with query param instead of /series API.
- Potential breaking changes in version 11.0.1:
* If you had selected your language as 'Portugus Brasileiro'
previously, this will be reset. You have to select it again in
your Preferences for the fix to be applied and the translations
will then be shown.
- Potential breaking changes in version 11.0.0:
* AngularJS support is turned off by default.
* Legacy alerting is entirely removed.
* Subfolders cause very rare issues with folders which have
slashes in their names.
* The input data source is removed.
* Data sources: Responses which are associated with hidden
queries will be removed (filtered) by Grafana.
* The URL which is generated when viewing an individual repeated
panel has changed.
* React Router is deprecated.
* The grafana/e2e testing tool is deprecated.
- This update brings many new features, enhancements and fixes highlighted at:
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-5/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-4/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-3/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-2/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-1/
* https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-0/
golang-github-prometheus-node_exporter was updated to version 1.9.1:
- Security issues fixed:
* CVE-2025-22870: Bumped golang.org/x/net to version 0.37.0 (bsc#1238686)
- Other changes from version 1.9.1:
* pressure: Fix missing IRQ on older kernels
* Fix Darwin memory leak
golang-github-prometheus-alertmanager:
- Security issues fixed:
* CVE-2025-22870: Fix proxy bypassing using IPv6 zone IDs (bsc#1238686)
* CVE-2023-45288: Fix HTTP/2 CONTINUATION flood in net/http (bsc#1236516)
Patchnames
SUSE-2025-1987,SUSE-SLE-Manager-Tools-12-2025-1987,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1987,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1987
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-prometheus-prometheus was updated to version 2.53.4:\n \n- Security issues fixed:\n * CVE-2023-45288: Require Go \u003e= 1.23 for building (bsc#1236516)\n * CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 (bsc#1238686)\n\n- Other bugs fixes from version 2.53.4: \n * Runtime: fixed GOGC being set to 0 when installed\n with empty prometheus.yml file resulting high cpu usage\n * Scrape: fixed dropping valid metrics after previous\n scrape failed\n \nprometheus-blackbox_exporter was updated from version 0.24.0 to 0.26.0 (jsc#PED-12872): \n\n- Security issues fixed:\n * CVE-2025-22870: Fixed proxy bypassing using IPv6 zone IDs (bsc#1238680)\n * CVE-2023-45288: Fixed closing connections when receiving too many headers (bsc#1236515)\n\n- Other changes from version 0.26.0:\n * Changes:\n + Replace go-kit/log with log/slog module.\n * Features:\n + Add metric to record tls ciphersuite negotiated during\n handshake.\n + Add a way to export labels with content matched by the probe.\n Reports Certificate Serial number.\n * Enhancement:\n + Add stale workflow to start sync with stale.yaml in Prometheus.\n * Bug fixes:\n + Only register grpc TLS metrics on successful handshake.\n\n- Other changes from version 0.25.0:\n * Features:\n + Allow to get Probe logs by target.\n + Log errors from probe.\n * Bug fixes:\n + Prevent logging confusing error message.\n + Explicit registration of internal exporter metrics.\n\ngrafana was updated from version 10.4.15 to 11.5.5 (jsc#PED-12918):\n\n- Security issues fixed:\n * CVE-2025-4123: Fix cross-site scripting vulnerability (bsc#1243714).\n * CVE-2025-22872: Bump golang.org/x/net/html (bsc#1241809)\n * CVE-2025-3580: Prevent unauthorized server admin deletion (bsc#1243672).\n * CVE-2025-29923: Bump github.com/redis/go-redis/v9 to 9.6.3.\n * CVE-2025-3454: Sanitize paths before evaluating access to route (bsc#1241683).\n * CVE-2025-2703: Fix built-in XY Chart plugin (bsc#1241687).\n * CVE-2025-22870: Bump golang.org/x/net (bsc#1238703).\n * CVE-2024-9476: Fix Migration Assistant issue (bsc#1233343)\n * CVE-2024-9264: SQL Expressions (bsc#1231844)\n * CVE-2023-45288: Bump golang.org/x/net (bsc#1236510)\n * CVE-2025-22870: Bump golang.org/x/net to version 0.37.0 (bsc#1238686)\n\n- Potential breaking changes in version 11.5.0:\n * Loki: Default to /labels API with query param instead of /series API.\n\n- Potential breaking changes in version 11.0.1:\n * If you had selected your language as \u0027Portugus Brasileiro\u0027\n previously, this will be reset. You have to select it again in\n your Preferences for the fix to be applied and the translations\n will then be shown.\n\n- Potential breaking changes in version 11.0.0:\n * AngularJS support is turned off by default.\n * Legacy alerting is entirely removed.\n * Subfolders cause very rare issues with folders which have\n slashes in their names.\n * The input data source is removed.\n * Data sources: Responses which are associated with hidden\n queries will be removed (filtered) by Grafana.\n * The URL which is generated when viewing an individual repeated\n panel has changed.\n * React Router is deprecated.\n * The grafana/e2e testing tool is deprecated.\n \n- This update brings many new features, enhancements and fixes highlighted at:\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-5/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-4/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-3/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-2/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-1/\n * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-0/\n \ngolang-github-prometheus-node_exporter was updated to version 1.9.1:\n \n- Security issues fixed:\n * CVE-2025-22870: Bumped golang.org/x/net to version 0.37.0 (bsc#1238686)\n \n- Other changes from version 1.9.1:\n * pressure: Fix missing IRQ on older kernels\n * Fix Darwin memory leak\n \ngolang-github-prometheus-alertmanager:\n \n- Security issues fixed: \n * CVE-2025-22870: Fix proxy bypassing using IPv6 zone IDs (bsc#1238686)\n * CVE-2023-45288: Fix HTTP/2 CONTINUATION flood in net/http (bsc#1236516)\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1987,SUSE-SLE-Manager-Tools-12-2025-1987,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1987,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1987",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01987-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01987-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501987-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01987-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040351.html"
},
{
"category": "self",
"summary": "SUSE Bug 1208752",
"url": "https://bugzilla.suse.com/1208752"
},
{
"category": "self",
"summary": "SUSE Bug 1231844",
"url": "https://bugzilla.suse.com/1231844"
},
{
"category": "self",
"summary": "SUSE Bug 1233343",
"url": "https://bugzilla.suse.com/1233343"
},
{
"category": "self",
"summary": "SUSE Bug 1236510",
"url": "https://bugzilla.suse.com/1236510"
},
{
"category": "self",
"summary": "SUSE Bug 1236515",
"url": "https://bugzilla.suse.com/1236515"
},
{
"category": "self",
"summary": "SUSE Bug 1236516",
"url": "https://bugzilla.suse.com/1236516"
},
{
"category": "self",
"summary": "SUSE Bug 1238680",
"url": "https://bugzilla.suse.com/1238680"
},
{
"category": "self",
"summary": "SUSE Bug 1238686",
"url": "https://bugzilla.suse.com/1238686"
},
{
"category": "self",
"summary": "SUSE Bug 1238703",
"url": "https://bugzilla.suse.com/1238703"
},
{
"category": "self",
"summary": "SUSE Bug 1241683",
"url": "https://bugzilla.suse.com/1241683"
},
{
"category": "self",
"summary": "SUSE Bug 1241687",
"url": "https://bugzilla.suse.com/1241687"
},
{
"category": "self",
"summary": "SUSE Bug 1241809",
"url": "https://bugzilla.suse.com/1241809"
},
{
"category": "self",
"summary": "SUSE Bug 1243672",
"url": "https://bugzilla.suse.com/1243672"
},
{
"category": "self",
"summary": "SUSE Bug 1243714",
"url": "https://bugzilla.suse.com/1243714"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9476 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-29923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-29923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3454 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3454/"
}
],
"title": "Security update for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2025-06-18T02:09:10Z",
"generator": {
"date": "2025-06-18T02:09:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01987-1",
"initial_release_date": "2025-06-18T02:09:10Z",
"revision_history": [
{
"date": "2025-06-18T02:09:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"product_id": "golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.5-1.79.2.aarch64",
"product": {
"name": "grafana-11.5.5-1.79.2.aarch64",
"product_id": "grafana-11.5.5-1.79.2.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"product_id": "prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.i586",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.i586",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.i586",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.i586",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.i586",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.i586",
"product_id": "golang-github-prometheus-prometheus-2.53.4-1.60.2.i586"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.i586",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.i586",
"product_id": "prometheus-blackbox_exporter-0.26.0-1.27.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"product_id": "golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.5-1.79.2.ppc64le",
"product": {
"name": "grafana-11.5.5-1.79.2.ppc64le",
"product_id": "grafana-11.5.5-1.79.2.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"product_id": "golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.5-1.79.2.s390x",
"product": {
"name": "grafana-11.5.5-1.79.2.s390x",
"product_id": "grafana-11.5.5-1.79.2.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"product_id": "prometheus-blackbox_exporter-0.26.0-1.27.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"product_id": "golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.5-1.79.2.x86_64",
"product": {
"name": "grafana-11.5.5-1.79.2.x86_64",
"product_id": "grafana-11.5.5-1.79.2.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64",
"product_id": "prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 12",
"product": {
"name": "SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12"
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-1.79.2.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64"
},
"product_reference": "grafana-11.5.5-1.79.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-1.79.2.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le"
},
"product_reference": "grafana-11.5.5-1.79.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-1.79.2.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x"
},
"product_reference": "grafana-11.5.5-1.79.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.5-1.79.2.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64"
},
"product_reference": "grafana-11.5.5-1.79.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:09:10Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2024-9264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9264"
}
],
"notes": [
{
"category": "general",
"text": "The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana\u0027s $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9264",
"url": "https://www.suse.com/security/cve/CVE-2024-9264"
},
{
"category": "external",
"summary": "SUSE Bug 1231844 for CVE-2024-9264",
"url": "https://bugzilla.suse.com/1231844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:09:10Z",
"details": "critical"
}
],
"title": "CVE-2024-9264"
},
{
"cve": "CVE-2024-9476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9476"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9476",
"url": "https://www.suse.com/security/cve/CVE-2024-9476"
},
{
"category": "external",
"summary": "SUSE Bug 1233343 for CVE-2024-9476",
"url": "https://bugzilla.suse.com/1233343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:09:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-9476"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:09:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:09:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-2703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2703"
}
],
"notes": [
{
"category": "general",
"text": "The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. \n\nA user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2703",
"url": "https://www.suse.com/security/cve/CVE-2025-2703"
},
{
"category": "external",
"summary": "SUSE Bug 1241687 for CVE-2025-2703",
"url": "https://bugzilla.suse.com/1241687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:09:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-2703"
},
{
"cve": "CVE-2025-29923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-29923"
}
],
"notes": [
{
"category": "general",
"text": "go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when `CLIENT SETINFO` times out during connection establishment. This can happen when the client is configured to transmit its identity, there are network connectivity issues, or the client was configured with aggressive timeouts. The problem occurs for multiple use cases. For sticky connections, you receive persistent out-of-order responses for the lifetime of the connection. All commands in the pipeline receive incorrect responses. When used with the default ConnPool once a connection is returned after use with ConnPool#Put the read buffer will be checked and the connection will be marked as bad due to the unread data. This means that at most one out-of-order response before the connection is discarded. This issue is fixed in 9.5.5, 9.6.3, and 9.7.3. You can prevent the vulnerability by setting the flag DisableIndentity to true when constructing the client instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-29923",
"url": "https://www.suse.com/security/cve/CVE-2025-29923"
},
{
"category": "external",
"summary": "SUSE Bug 1241152 for CVE-2025-29923",
"url": "https://bugzilla.suse.com/1241152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:09:10Z",
"details": "low"
}
],
"title": "CVE-2025-29923"
},
{
"cve": "CVE-2025-3454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3454"
}
],
"notes": [
{
"category": "general",
"text": "This vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3454",
"url": "https://www.suse.com/security/cve/CVE-2025-3454"
},
{
"category": "external",
"summary": "SUSE Bug 1241683 for CVE-2025-3454",
"url": "https://bugzilla.suse.com/1241683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.31.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.9.1-1.36.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.4-1.60.2.x86_64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.aarch64",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.ppc64le",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.s390x",
"SUSE Manager Client Tools 12:grafana-11.5.5-1.79.2.x86_64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.aarch64",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.ppc64le",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.s390x",
"SUSE Manager Client Tools 12:prometheus-blackbox_exporter-0.26.0-1.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-18T02:09:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-3454"
}
]
}
SUSE-SU-2025:02383-1
Vulnerability from csaf_suse - Published: 2025-07-18 16:44 - Updated: 2025-07-18 16:44Summary
Security update for kubernetes1.26
Notes
Title of the patch
Security update for kubernetes1.26
Description of the patch
This update for kubernetes1.26 fixes the following issues:
- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).
Patchnames
SUSE-2025-2383,SUSE-SLE-Module-Containers-15-SP6-2025-2383,openSUSE-SLE-15.6-2025-2383
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.26",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.26 fixes the following issues:\n\n- CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2383,SUSE-SLE-Module-Containers-15-SP6-2025-2383,openSUSE-SLE-15.6-2025-2383",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02383-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02383-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502383-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02383-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040789.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229008",
"url": "https://bugzilla.suse.com/1229008"
},
{
"category": "self",
"summary": "SUSE Bug 1241865",
"url": "https://bugzilla.suse.com/1241865"
},
{
"category": "self",
"summary": "SUSE Bug 1245087",
"url": "https://bugzilla.suse.com/1245087"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "Security update for kubernetes1.26",
"tracking": {
"current_release_date": "2025-07-18T16:44:46Z",
"generator": {
"date": "2025-07-18T16:44:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02383-1",
"initial_release_date": "2025-07-18T16:44:46Z",
"revision_history": [
{
"date": "2025-07-18T16:44:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch",
"product": {
"name": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch",
"product_id": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch",
"product": {
"name": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch",
"product_id": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch"
},
"product_reference": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch"
},
"product_reference": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64"
},
"product_reference": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le"
},
"product_reference": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x"
},
"product_reference": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64"
},
"product_reference": "kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-apiserver-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-client-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-bash-completion-1.26.15-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-client-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-client-fish-completion-1.26.15-150400.9.22.1.noarch",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-controller-manager-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubeadm-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-kubelet-common-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-proxy-1.26.15-150400.9.22.1.x86_64",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.aarch64",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.ppc64le",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.s390x",
"openSUSE Leap 15.6:kubernetes1.26-scheduler-1.26.15-150400.9.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T16:44:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-0524
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Greenplum | Tanzu Greenplum Data Copy Utility versions antérieures à 2.8.0 | ||
| VMware | Tanzu | Tanzu Data Lake versions antérieures à 1.1.0 | ||
| VMware | Tanzu | Tanzu pour Postgres sur Kubernetes versions antérieures à 4.1.0 et 4.2.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Command Center versions antérieures à 6.14.0 et 7.4.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Backup and Restore versions antérieures à 1.31.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server versions antérieures à 2.1.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions 6.x antérieures à 6.29.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions 7.x antérieures à 7.5.0 | ||
| VMware | Tanzu | VMware Tanzu pour Valkey sur Kubernetes versions antérieures à 1.1.0 et 2.0.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Greenplum Data Copy Utility versions ant\u00e9rieures \u00e0 2.8.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Lake versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres sur Kubernetes versions ant\u00e9rieures \u00e0 4.1.0 et 4.2.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Command Center versions ant\u00e9rieures \u00e0 6.14.0 et 7.4.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Backup and Restore versions ant\u00e9rieures \u00e0 1.31.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server versions ant\u00e9rieures \u00e0 2.1.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions 6.x ant\u00e9rieures \u00e0 6.29.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions 7.x ant\u00e9rieures \u00e0 7.5.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour Valkey sur Kubernetes versions ant\u00e9rieures \u00e0 1.1.0 et 2.0.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-2126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2126"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2021-45943",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45943"
},
{
"name": "CVE-2021-34141",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
},
{
"name": "CVE-2022-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-41862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-40898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40898"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2023-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-4752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4752"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-5870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
},
{
"name": "CVE-2022-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0543"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2024-1580",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1580"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-23807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23807"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2024-22667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22667"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-7348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2022-48468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48468"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2025-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
},
{
"name": "CVE-2025-21491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
},
{
"name": "CVE-2025-21497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
},
{
"name": "CVE-2025-21500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
},
{
"name": "CVE-2025-21501",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
},
{
"name": "CVE-2025-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
},
{
"name": "CVE-2025-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
},
{
"name": "CVE-2025-21519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
},
{
"name": "CVE-2025-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
},
{
"name": "CVE-2025-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
},
{
"name": "CVE-2025-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
},
{
"name": "CVE-2025-21555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
},
{
"name": "CVE-2025-21559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2022-42967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42967"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2012-0880",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0880"
},
{
"name": "CVE-2017-17507",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17507"
},
{
"name": "CVE-2017-8806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
},
{
"name": "CVE-2018-10126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10126"
},
{
"name": "CVE-2018-11205",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11205"
},
{
"name": "CVE-2018-13866",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13866"
},
{
"name": "CVE-2018-13867",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13867"
},
{
"name": "CVE-2018-13868",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13868"
},
{
"name": "CVE-2018-13869",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13869"
},
{
"name": "CVE-2018-13870",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13870"
},
{
"name": "CVE-2018-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13871"
},
{
"name": "CVE-2018-13872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13872"
},
{
"name": "CVE-2018-13874",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13874"
},
{
"name": "CVE-2018-13875",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13875"
},
{
"name": "CVE-2018-13876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13876"
},
{
"name": "CVE-2018-14031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14031"
},
{
"name": "CVE-2018-14033",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14033"
},
{
"name": "CVE-2018-14034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14034"
},
{
"name": "CVE-2018-14035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14035"
},
{
"name": "CVE-2018-14460",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14460"
},
{
"name": "CVE-2018-15671",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15671"
},
{
"name": "CVE-2018-16438",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16438"
},
{
"name": "CVE-2018-17432",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17432"
},
{
"name": "CVE-2018-17433",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17433"
},
{
"name": "CVE-2018-17434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17434"
},
{
"name": "CVE-2018-17435",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17435"
},
{
"name": "CVE-2018-17436",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17436"
},
{
"name": "CVE-2018-17437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17437"
},
{
"name": "CVE-2018-17438",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17438"
},
{
"name": "CVE-2018-17439",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17439"
},
{
"name": "CVE-2019-20005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20005"
},
{
"name": "CVE-2019-20006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20006"
},
{
"name": "CVE-2019-20007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20007"
},
{
"name": "CVE-2019-20198",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20198"
},
{
"name": "CVE-2019-20199",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20199"
},
{
"name": "CVE-2019-20200",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20200"
},
{
"name": "CVE-2019-20201",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20201"
},
{
"name": "CVE-2019-20202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20202"
},
{
"name": "CVE-2019-6988",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6988"
},
{
"name": "CVE-2019-8396",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8396"
},
{
"name": "CVE-2019-8397",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8397"
},
{
"name": "CVE-2019-8398",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8398"
},
{
"name": "CVE-2019-9151",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9151"
},
{
"name": "CVE-2019-9152",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9152"
},
{
"name": "CVE-2020-10809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10809"
},
{
"name": "CVE-2020-10810",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10810"
},
{
"name": "CVE-2020-10811",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10811"
},
{
"name": "CVE-2020-10812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10812"
},
{
"name": "CVE-2020-18232",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18232"
},
{
"name": "CVE-2020-18494",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18494"
},
{
"name": "CVE-2021-26220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26220"
},
{
"name": "CVE-2021-26221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26221"
},
{
"name": "CVE-2021-26222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26222"
},
{
"name": "CVE-2021-30485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30485"
},
{
"name": "CVE-2021-31229",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31229"
},
{
"name": "CVE-2021-31347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31347"
},
{
"name": "CVE-2021-31348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31348"
},
{
"name": "CVE-2021-31598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31598"
},
{
"name": "CVE-2021-33430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33430"
},
{
"name": "CVE-2021-37501",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37501"
},
{
"name": "CVE-2021-45829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45829"
},
{
"name": "CVE-2021-45830",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45830"
},
{
"name": "CVE-2021-45832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45832"
},
{
"name": "CVE-2021-45833",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45833"
},
{
"name": "CVE-2021-46242",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46242"
},
{
"name": "CVE-2021-46243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46243"
},
{
"name": "CVE-2021-46244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46244"
},
{
"name": "CVE-2022-25942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25942"
},
{
"name": "CVE-2022-25972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25972"
},
{
"name": "CVE-2022-26061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26061"
},
{
"name": "CVE-2022-30045",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30045"
},
{
"name": "CVE-2022-4055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4055"
},
{
"name": "CVE-2022-47655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47655"
},
{
"name": "CVE-2023-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0996"
},
{
"name": "CVE-2023-29659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29659"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-39329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39329"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2023-6879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6879"
},
{
"name": "CVE-2024-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
},
{
"name": "CVE-2024-29157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29157"
},
{
"name": "CVE-2024-29158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29158"
},
{
"name": "CVE-2024-29159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29159"
},
{
"name": "CVE-2024-29160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29160"
},
{
"name": "CVE-2024-29161",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29161"
},
{
"name": "CVE-2024-29162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29162"
},
{
"name": "CVE-2024-29163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29163"
},
{
"name": "CVE-2024-29164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29164"
},
{
"name": "CVE-2024-29165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29165"
},
{
"name": "CVE-2024-29166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29166"
},
{
"name": "CVE-2024-32605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32605"
},
{
"name": "CVE-2024-32606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32606"
},
{
"name": "CVE-2024-32607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32607"
},
{
"name": "CVE-2024-32608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32608"
},
{
"name": "CVE-2024-32609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32609"
},
{
"name": "CVE-2024-32610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32610"
},
{
"name": "CVE-2024-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32611"
},
{
"name": "CVE-2024-32612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32612"
},
{
"name": "CVE-2024-32613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32613"
},
{
"name": "CVE-2024-32614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32614"
},
{
"name": "CVE-2024-32615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32615"
},
{
"name": "CVE-2024-32616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32616"
},
{
"name": "CVE-2024-32617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32617"
},
{
"name": "CVE-2024-32618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32618"
},
{
"name": "CVE-2024-32619",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32619"
},
{
"name": "CVE-2024-32620",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32620"
},
{
"name": "CVE-2024-32621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32621"
},
{
"name": "CVE-2024-32622",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32622"
},
{
"name": "CVE-2024-32623",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32623"
},
{
"name": "CVE-2024-32624",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32624"
},
{
"name": "CVE-2024-33873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33873"
},
{
"name": "CVE-2024-33874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33874"
},
{
"name": "CVE-2024-33875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33875"
},
{
"name": "CVE-2024-33876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33876"
},
{
"name": "CVE-2024-33877",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33877"
},
{
"name": "CVE-2024-34402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34402"
},
{
"name": "CVE-2024-34403",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34403"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2024-41996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2024-46981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46981"
},
{
"name": "CVE-2024-49203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49203"
},
{
"name": "CVE-2024-5171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5171"
},
{
"name": "CVE-2024-51741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51741"
},
{
"name": "CVE-2024-52522",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52522"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2024-53920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
},
{
"name": "CVE-2024-56378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56378"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2024-6716",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6716"
},
{
"name": "CVE-2025-2153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2153"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-23022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23022"
},
{
"name": "CVE-2025-24528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0524",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35841",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35841"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35844",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35844"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35843",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35843"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35842",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35842"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35846",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35846"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35849",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35849"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35840",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35840"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35847",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35847"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35839",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35839"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35845",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35845"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35848",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35848"
}
]
}
CERTFR-2025-AVI-0622
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry Windows | ||
| VMware | N/A | Stemcells sans le dernier correctif de sécurité | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu | Anti-Virus sans le dernier correctif de sécurité pour Tanzu version 2.4.0 | ||
| VMware | Tanzu | Scheduler sans le dernier correctif de sécurité pour Tanzu version 2.0.19 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | GenAI sans le dernier correctif de sécurité pour Tanzu Platform pour Cloud Foundry version 10.2.1 | ||
| VMware | Tanzu Application Service | Tanzu Application Service versions antérieures à 1.16.11 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Services sans le dernier correctif de sécurité pour Tanzu version 3.3.8 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Data Flow sans le dernier correctif de sécurité pour Tanzu version 1.14.7 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Application Service | Single Sign-On sans le dernier correctif de sécurité pour Tanzu Application Service version 1.16.11 | ||
| VMware | Tanzu | File Integrity Monitoring sans le dernier correctif de sécurité pour Tanzu version 2.1.47 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Anti-Virus sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.4.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.0.19",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "GenAI sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Platform pour Cloud Foundry version 10.2.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 3.3.8",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 1.14.7",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Application Service version 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "File Integrity Monitoring sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.1.47",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2023-28755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28755"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2020-36843",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36843"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3445"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2024-21012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-24579",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24579"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-28948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2022-31030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2023-2253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2024-24557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2024-0406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0406"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30691"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2024-40635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2022-36056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36056"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2024-41909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41909"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2022-36109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2023-36617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36617"
},
{
"name": "CVE-2023-33199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33199"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2022-24769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2023-30551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30551"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-35929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35929"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-52587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52587"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2022-29173",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29173"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2024-29902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29902"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2025-47290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47290"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2024-27282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2023-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46737"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-4949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4949"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-28756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28756"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-29903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29903"
},
{
"name": "CVE-2025-4575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4575"
},
{
"name": "CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"name": "CVE-2025-32441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32441"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0622",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35981",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35981"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35967",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35967"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35980",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35980"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35974",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35974"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35979",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35979"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35984",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35984"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35970",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35970"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35983",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35983"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35978",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35978"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35968",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35968"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35973",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35973"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35976",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35976"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35969",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35969"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35966",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35966"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35972",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35972"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35977",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35977"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35982",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35982"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35971",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35971"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35975",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35975"
}
]
}
CERTFR-2025-AVI-1036
Vulnerability from certfr_avis - Published: 2025-11-24 - Updated: 2025-11-24
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | App Metrics versions antérieures à 2.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.954.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.126.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Platform Services | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Metric Store versions antérieures à 1.8.1 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu | VMware Tanzu pour Postgres on Tanzu Platform versions antérieures à 10.2.1 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.954.x | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Windows) versions antérieures à 2019.92.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.954.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "App Metrics versions ant\u00e9rieures \u00e0 2.3.2",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.126.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Platform Services",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Metric Store versions ant\u00e9rieures \u00e0 1.8.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour Postgres on Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Windows) versions ant\u00e9rieures \u00e0 2019.92.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-13425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13425"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-59530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59530"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2025-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5981"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-24T00:00:00",
"last_revision_date": "2025-11-24T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1036",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36513",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36513"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36530",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36530"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36512",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36512"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36526",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36526"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36511",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36511"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36525",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36525"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36516",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36516"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36527",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36527"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36536",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36536"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36519",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36519"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36518",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36518"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36524",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36524"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36521",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36521"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36528",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36528"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36522",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36522"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36514",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36514"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36532",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36532"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36509",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36509"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36517",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36517"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36533",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36533"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36537",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36537"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36531",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36531"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36510",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36510"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36523",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36523"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36515",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36515"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36529",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36529"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36534",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36534"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36535",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36535"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36520",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36520"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-0754
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Gemfire | Tanzu GemFire Management Console versions antérieures à 1.4.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions antérieures à 7.5.4 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu GemFire Management Console versions ant\u00e9rieures \u00e0 1.4.0",
"product": {
"name": "Tanzu Gemfire",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 7.5.4",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2021-45078",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45078"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"name": "CVE-2022-44840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44840"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0754",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0094",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36085"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0095",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36086"
}
]
}
CERTFR-2025-AVI-0524
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Greenplum | Tanzu Greenplum Data Copy Utility versions antérieures à 2.8.0 | ||
| VMware | Tanzu | Tanzu Data Lake versions antérieures à 1.1.0 | ||
| VMware | Tanzu | Tanzu pour Postgres sur Kubernetes versions antérieures à 4.1.0 et 4.2.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Command Center versions antérieures à 6.14.0 et 7.4.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Backup and Restore versions antérieures à 1.31.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server versions antérieures à 2.1.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions 6.x antérieures à 6.29.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions 7.x antérieures à 7.5.0 | ||
| VMware | Tanzu | VMware Tanzu pour Valkey sur Kubernetes versions antérieures à 1.1.0 et 2.0.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Greenplum Data Copy Utility versions ant\u00e9rieures \u00e0 2.8.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Lake versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres sur Kubernetes versions ant\u00e9rieures \u00e0 4.1.0 et 4.2.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Command Center versions ant\u00e9rieures \u00e0 6.14.0 et 7.4.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Backup and Restore versions ant\u00e9rieures \u00e0 1.31.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server versions ant\u00e9rieures \u00e0 2.1.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions 6.x ant\u00e9rieures \u00e0 6.29.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions 7.x ant\u00e9rieures \u00e0 7.5.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour Valkey sur Kubernetes versions ant\u00e9rieures \u00e0 1.1.0 et 2.0.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-2126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2126"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2021-45943",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45943"
},
{
"name": "CVE-2021-34141",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
},
{
"name": "CVE-2022-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-41862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-40898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40898"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2023-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-4752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4752"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-5870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
},
{
"name": "CVE-2022-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0543"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2024-1580",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1580"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-23807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23807"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2024-22667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22667"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-7348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2022-48468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48468"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2025-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
},
{
"name": "CVE-2025-21491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
},
{
"name": "CVE-2025-21497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
},
{
"name": "CVE-2025-21500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
},
{
"name": "CVE-2025-21501",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
},
{
"name": "CVE-2025-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
},
{
"name": "CVE-2025-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
},
{
"name": "CVE-2025-21519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
},
{
"name": "CVE-2025-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
},
{
"name": "CVE-2025-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
},
{
"name": "CVE-2025-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
},
{
"name": "CVE-2025-21555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
},
{
"name": "CVE-2025-21559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2022-42967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42967"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2012-0880",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0880"
},
{
"name": "CVE-2017-17507",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17507"
},
{
"name": "CVE-2017-8806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
},
{
"name": "CVE-2018-10126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10126"
},
{
"name": "CVE-2018-11205",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11205"
},
{
"name": "CVE-2018-13866",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13866"
},
{
"name": "CVE-2018-13867",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13867"
},
{
"name": "CVE-2018-13868",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13868"
},
{
"name": "CVE-2018-13869",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13869"
},
{
"name": "CVE-2018-13870",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13870"
},
{
"name": "CVE-2018-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13871"
},
{
"name": "CVE-2018-13872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13872"
},
{
"name": "CVE-2018-13874",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13874"
},
{
"name": "CVE-2018-13875",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13875"
},
{
"name": "CVE-2018-13876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13876"
},
{
"name": "CVE-2018-14031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14031"
},
{
"name": "CVE-2018-14033",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14033"
},
{
"name": "CVE-2018-14034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14034"
},
{
"name": "CVE-2018-14035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14035"
},
{
"name": "CVE-2018-14460",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14460"
},
{
"name": "CVE-2018-15671",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15671"
},
{
"name": "CVE-2018-16438",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16438"
},
{
"name": "CVE-2018-17432",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17432"
},
{
"name": "CVE-2018-17433",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17433"
},
{
"name": "CVE-2018-17434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17434"
},
{
"name": "CVE-2018-17435",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17435"
},
{
"name": "CVE-2018-17436",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17436"
},
{
"name": "CVE-2018-17437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17437"
},
{
"name": "CVE-2018-17438",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17438"
},
{
"name": "CVE-2018-17439",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17439"
},
{
"name": "CVE-2019-20005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20005"
},
{
"name": "CVE-2019-20006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20006"
},
{
"name": "CVE-2019-20007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20007"
},
{
"name": "CVE-2019-20198",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20198"
},
{
"name": "CVE-2019-20199",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20199"
},
{
"name": "CVE-2019-20200",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20200"
},
{
"name": "CVE-2019-20201",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20201"
},
{
"name": "CVE-2019-20202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20202"
},
{
"name": "CVE-2019-6988",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6988"
},
{
"name": "CVE-2019-8396",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8396"
},
{
"name": "CVE-2019-8397",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8397"
},
{
"name": "CVE-2019-8398",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8398"
},
{
"name": "CVE-2019-9151",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9151"
},
{
"name": "CVE-2019-9152",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9152"
},
{
"name": "CVE-2020-10809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10809"
},
{
"name": "CVE-2020-10810",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10810"
},
{
"name": "CVE-2020-10811",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10811"
},
{
"name": "CVE-2020-10812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10812"
},
{
"name": "CVE-2020-18232",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18232"
},
{
"name": "CVE-2020-18494",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18494"
},
{
"name": "CVE-2021-26220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26220"
},
{
"name": "CVE-2021-26221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26221"
},
{
"name": "CVE-2021-26222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26222"
},
{
"name": "CVE-2021-30485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30485"
},
{
"name": "CVE-2021-31229",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31229"
},
{
"name": "CVE-2021-31347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31347"
},
{
"name": "CVE-2021-31348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31348"
},
{
"name": "CVE-2021-31598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31598"
},
{
"name": "CVE-2021-33430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33430"
},
{
"name": "CVE-2021-37501",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37501"
},
{
"name": "CVE-2021-45829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45829"
},
{
"name": "CVE-2021-45830",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45830"
},
{
"name": "CVE-2021-45832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45832"
},
{
"name": "CVE-2021-45833",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45833"
},
{
"name": "CVE-2021-46242",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46242"
},
{
"name": "CVE-2021-46243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46243"
},
{
"name": "CVE-2021-46244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46244"
},
{
"name": "CVE-2022-25942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25942"
},
{
"name": "CVE-2022-25972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25972"
},
{
"name": "CVE-2022-26061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26061"
},
{
"name": "CVE-2022-30045",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30045"
},
{
"name": "CVE-2022-4055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4055"
},
{
"name": "CVE-2022-47655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47655"
},
{
"name": "CVE-2023-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0996"
},
{
"name": "CVE-2023-29659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29659"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-39329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39329"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2023-6879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6879"
},
{
"name": "CVE-2024-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
},
{
"name": "CVE-2024-29157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29157"
},
{
"name": "CVE-2024-29158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29158"
},
{
"name": "CVE-2024-29159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29159"
},
{
"name": "CVE-2024-29160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29160"
},
{
"name": "CVE-2024-29161",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29161"
},
{
"name": "CVE-2024-29162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29162"
},
{
"name": "CVE-2024-29163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29163"
},
{
"name": "CVE-2024-29164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29164"
},
{
"name": "CVE-2024-29165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29165"
},
{
"name": "CVE-2024-29166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29166"
},
{
"name": "CVE-2024-32605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32605"
},
{
"name": "CVE-2024-32606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32606"
},
{
"name": "CVE-2024-32607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32607"
},
{
"name": "CVE-2024-32608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32608"
},
{
"name": "CVE-2024-32609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32609"
},
{
"name": "CVE-2024-32610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32610"
},
{
"name": "CVE-2024-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32611"
},
{
"name": "CVE-2024-32612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32612"
},
{
"name": "CVE-2024-32613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32613"
},
{
"name": "CVE-2024-32614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32614"
},
{
"name": "CVE-2024-32615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32615"
},
{
"name": "CVE-2024-32616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32616"
},
{
"name": "CVE-2024-32617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32617"
},
{
"name": "CVE-2024-32618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32618"
},
{
"name": "CVE-2024-32619",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32619"
},
{
"name": "CVE-2024-32620",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32620"
},
{
"name": "CVE-2024-32621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32621"
},
{
"name": "CVE-2024-32622",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32622"
},
{
"name": "CVE-2024-32623",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32623"
},
{
"name": "CVE-2024-32624",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32624"
},
{
"name": "CVE-2024-33873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33873"
},
{
"name": "CVE-2024-33874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33874"
},
{
"name": "CVE-2024-33875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33875"
},
{
"name": "CVE-2024-33876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33876"
},
{
"name": "CVE-2024-33877",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33877"
},
{
"name": "CVE-2024-34402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34402"
},
{
"name": "CVE-2024-34403",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34403"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2024-41996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2024-46981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46981"
},
{
"name": "CVE-2024-49203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49203"
},
{
"name": "CVE-2024-5171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5171"
},
{
"name": "CVE-2024-51741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51741"
},
{
"name": "CVE-2024-52522",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52522"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2024-53920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
},
{
"name": "CVE-2024-56378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56378"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2024-6716",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6716"
},
{
"name": "CVE-2025-2153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2153"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-23022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23022"
},
{
"name": "CVE-2025-24528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0524",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35841",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35841"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35844",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35844"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35843",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35843"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35842",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35842"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35846",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35846"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35849",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35849"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35840",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35840"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35847",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35847"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35839",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35839"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35845",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35845"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35848",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35848"
}
]
}
CERTFR-2025-AVI-1036
Vulnerability from certfr_avis - Published: 2025-11-24 - Updated: 2025-11-24
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | App Metrics versions antérieures à 2.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.954.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.126.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Platform Services | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Metric Store versions antérieures à 1.8.1 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu | VMware Tanzu pour Postgres on Tanzu Platform versions antérieures à 10.2.1 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.954.x | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Windows) versions antérieures à 2019.92.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.954.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "App Metrics versions ant\u00e9rieures \u00e0 2.3.2",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.126.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Platform Services",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Metric Store versions ant\u00e9rieures \u00e0 1.8.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour Postgres on Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Windows) versions ant\u00e9rieures \u00e0 2019.92.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-13425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13425"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-59530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59530"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2025-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5981"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-24T00:00:00",
"last_revision_date": "2025-11-24T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1036",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36513",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36513"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36530",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36530"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36512",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36512"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36526",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36526"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36511",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36511"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36525",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36525"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36516",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36516"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36527",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36527"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36536",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36536"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36519",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36519"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36518",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36518"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36524",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36524"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36521",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36521"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36528",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36528"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36522",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36522"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36514",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36514"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36532",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36532"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36509",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36509"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36517",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36517"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36533",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36533"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36537",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36537"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36531",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36531"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36510",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36510"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36523",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36523"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36515",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36515"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36529",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36529"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36534",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36534"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36535",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36535"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36520",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36520"
}
]
}
CERTFR-2025-AVI-0756
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 6.0.19+LTS-T | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 10.0.9 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T | ||
| VMware | Tanzu Operations Manager | Tanzu Operations Manager versions antérieures à 3.1.2 | ||
| VMware | Tanzu | Tanzu Scheduler versions antérieures à 2.0.20 | ||
| VMware | Tanzu | Spring Cloud Services for VMware Tanzu versions antérieures à 3.3.9 | ||
| VMware | Tanzu | Single Sign-On for VMware Tanzu Application Service versions antérieures à 1.16.12 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy Azure Light versions antérieures à 1.894 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy versions antérieures à 1.894 | ||
| VMware | Tanzu | Tanzu Hub versions antérieures à 10.2.1 | ||
| VMware | Tanzu | Java Buildpack versions antérieures à 4.84.0 | ||
| VMware | Tanzu | Tanzu for MySQL on Cloud Foundry versions antérieures à 10.0.2 | ||
| VMware | Tanzu | Tanzu GemFire versions antérieures à 10.1.4 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2025-4088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4088"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2021-35636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35636"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2025-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0448"
},
{
"name": "CVE-2021-35583",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35583"
},
{
"name": "CVE-2025-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3032"
},
{
"name": "CVE-2019-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2585"
},
{
"name": "CVE-2021-2352",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2352"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2021-3236",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3236"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2020-14861",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14861"
},
{
"name": "CVE-2025-0242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0242"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2021-35639",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35639"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2018-3279",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3279"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2019-2982",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2982"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2022-21253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2024-10467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10467"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2022-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21538"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2025-5281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2019-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2808"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-35575",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35575"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-8027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8027"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2022-21436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21436"
},
{
"name": "CVE-2025-2857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2857"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2020-14773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14773"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2023-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2023-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22015"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2019-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2589"
},
{
"name": "CVE-2023-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2022-21418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21418"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2021-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2441"
},
{
"name": "CVE-2025-1939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1939"
},
{
"name": "CVE-2023-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2020-2921",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2921"
},
{
"name": "CVE-2021-2357",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2357"
},
{
"name": "CVE-2025-0440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0440"
},
{
"name": "CVE-2024-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2025-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4091"
},
{
"name": "CVE-2025-5065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
},
{
"name": "CVE-2025-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0996"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2019-2596",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2596"
},
{
"name": "CVE-2019-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2879"
},
{
"name": "CVE-2025-0445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0445"
},
{
"name": "CVE-2019-2630",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2630"
},
{
"name": "CVE-2025-9308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9308"
},
{
"name": "CVE-2019-2607",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2607"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2022-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21522"
},
{
"name": "CVE-2024-10459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10459"
},
{
"name": "CVE-2019-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2495"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2023-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22026"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2020-14829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14829"
},
{
"name": "CVE-2020-14576",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14576"
},
{
"name": "CVE-2022-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21529"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2023-39017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39017"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0434"
},
{
"name": "CVE-2022-21435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21435"
},
{
"name": "CVE-2020-14777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14777"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2019-3003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3003"
},
{
"name": "CVE-2020-14839",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14839"
},
{
"name": "CVE-2019-3018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3018"
},
{
"name": "CVE-2021-35623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35623"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2025-8881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8881"
},
{
"name": "CVE-2019-2993",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2993"
},
{
"name": "CVE-2020-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2686"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2021-2170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2170"
},
{
"name": "CVE-2022-21379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
},
{
"name": "CVE-2021-2215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2215"
},
{
"name": "CVE-2020-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2752"
},
{
"name": "CVE-2025-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4609"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2021-2022",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2022"
},
{
"name": "CVE-2024-10461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10461"
},
{
"name": "CVE-2022-21526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21526"
},
{
"name": "CVE-2021-2172",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2172"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2022-21528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21528"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2021-2299",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2299"
},
{
"name": "CVE-2020-2892",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2892"
},
{
"name": "CVE-2025-5959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
},
{
"name": "CVE-2024-45772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
},
{
"name": "CVE-2016-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2149"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2023-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2021-35640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35640"
},
{
"name": "CVE-2024-10464",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10464"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2020-2853",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2853"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
},
{
"name": "CVE-2025-1414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1414"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2018-3170",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3170"
},
{
"name": "CVE-2020-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2774"
},
{
"name": "CVE-2020-14771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14771"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-3066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2019-2685",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2685"
},
{
"name": "CVE-2021-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2196"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-21197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2025-8037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8037"
},
{
"name": "CVE-2025-4918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4918"
},
{
"name": "CVE-2023-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2020-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14540"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-0439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0439"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2021-2305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2305"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-20304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20304"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-4090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4090"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2022-0667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0667"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2019-2740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2740"
},
{
"name": "CVE-2025-9180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9180"
},
{
"name": "CVE-2025-8581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8581"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-1919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1919"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-3030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3030"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2018-1273",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1273"
},
{
"name": "CVE-2022-21297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
},
{
"name": "CVE-2023-47100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47100"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2020-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2901"
},
{
"name": "CVE-2025-0241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0241"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2020-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2694"
},
{
"name": "CVE-2025-8034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8034"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-4664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
},
{
"name": "CVE-2021-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2021-35596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35596"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49710"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2021-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2427"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2019-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2819"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2022-21452",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21452"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2021-2164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2164"
},
{
"name": "CVE-2021-2374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2374"
},
{
"name": "CVE-2020-14547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14547"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2020-14870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14870"
},
{
"name": "CVE-2025-9182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9182"
},
{
"name": "CVE-2021-35612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35612"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22047"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2019-2811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2811"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2023-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2019-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2774"
},
{
"name": "CVE-2019-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2803"
},
{
"name": "CVE-2008-5727",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5727"
},
{
"name": "CVE-2025-1426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1426"
},
{
"name": "CVE-2025-6434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6434"
},
{
"name": "CVE-2020-14785",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14785"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2020-2760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2760"
},
{
"name": "CVE-2025-5066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
},
{
"name": "CVE-2021-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2424"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2019-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2814"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2019-2606",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2606"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2022-21530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21530"
},
{
"name": "CVE-2024-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11698"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2020-14891",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14891"
},
{
"name": "CVE-2019-2966",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2966"
},
{
"name": "CVE-2022-21415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21415"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2021-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2019-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2780"
},
{
"name": "CVE-2025-5064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35537"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2019-2530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2530"
},
{
"name": "CVE-2019-2743",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2743"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2023-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22007"
},
{
"name": "CVE-2019-2737",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2737"
},
{
"name": "CVE-2018-1000169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2023-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2025-1931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1931"
},
{
"name": "CVE-2025-0612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0612"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2021-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2025-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
},
{
"name": "CVE-2024-7012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7012"
},
{
"name": "CVE-2025-0237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0237"
},
{
"name": "CVE-2019-2991",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2991"
},
{
"name": "CVE-2025-5264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5264"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2020-14804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14804"
},
{
"name": "CVE-2013-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1548"
},
{
"name": "CVE-2019-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2752"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2020-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2804"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2025-5115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
},
{
"name": "CVE-2025-4085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4085"
},
{
"name": "CVE-2022-21302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
},
{
"name": "CVE-2021-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2412"
},
{
"name": "CVE-2019-2997",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2997"
},
{
"name": "CVE-2025-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3028"
},
{
"name": "CVE-2019-2746",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2746"
},
{
"name": "CVE-2025-9181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9181"
},
{
"name": "CVE-2025-6192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
},
{
"name": "CVE-2025-2817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2817"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2025-5268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5268"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2022-21517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21517"
},
{
"name": "CVE-2019-3004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3004"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2019-2826",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2826"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2024-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
},
{
"name": "CVE-2020-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2928"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2019-2914",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2914"
},
{
"name": "CVE-2020-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14844"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-2770",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2770"
},
{
"name": "CVE-2021-35608",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35608"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2021-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2201"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2008-5729",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5729"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2023-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2019-2617",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2617"
},
{
"name": "CVE-2024-21201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
},
{
"name": "CVE-2021-35647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35647"
},
{
"name": "CVE-2020-14559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14559"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-1932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1932"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2022-21539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21539"
},
{
"name": "CVE-2025-3072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-0451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0451"
},
{
"name": "CVE-2022-21440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21440"
},
{
"name": "CVE-2023-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2020-2761",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2761"
},
{
"name": "CVE-2022-21531",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21531"
},
{
"name": "CVE-2024-10458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10458"
},
{
"name": "CVE-2024-10463",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10463"
},
{
"name": "CVE-2021-2300",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2300"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2024-10468",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10468"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
},
{
"name": "CVE-2020-14873",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14873"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-11703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11703"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2019-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2626"
},
{
"name": "CVE-2025-1010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
},
{
"name": "CVE-2022-21479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21479"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2023-46129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46129"
},
{
"name": "CVE-2024-10460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10460"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2019-3009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3009"
},
{
"name": "CVE-2021-2307",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
},
{
"name": "CVE-2025-8880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8880"
},
{
"name": "CVE-2020-2679",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2679"
},
{
"name": "CVE-2019-2938",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2938"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2023-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
},
{
"name": "CVE-2023-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
},
{
"name": "CVE-2021-2014",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2014"
},
{
"name": "CVE-2021-2230",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2230"
},
{
"name": "CVE-2023-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2022-21515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21515"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2020-2897",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2897"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-1920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-4089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4089"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2020-2574",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2574"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2020-14769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14769"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2022-21527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21527"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-31047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31047"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2016-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2160"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-9179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9179"
},
{
"name": "CVE-2021-23169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23169"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2021-35635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35635"
},
{
"name": "CVE-2025-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
},
{
"name": "CVE-2025-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-3031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3031"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-4096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2021-35610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35610"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2429"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-11700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11700"
},
{
"name": "CVE-2024-11708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11708"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2020-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2922"
},
{
"name": "CVE-2020-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2660"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2024-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2019-2969",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2969"
},
{
"name": "CVE-2025-0247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0247"
},
{
"name": "CVE-2025-5263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5263"
},
{
"name": "CVE-2017-12195",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12195"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-35602",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35602"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2021-2146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
},
{
"name": "CVE-2024-11701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11701"
},
{
"name": "CVE-2023-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
},
{
"name": "CVE-2025-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0443"
},
{
"name": "CVE-2025-1019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-35577",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35577"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2020-14869",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14869"
},
{
"name": "CVE-2021-35646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35646"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2020-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2579"
},
{
"name": "CVE-2019-2778",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2778"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-4052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
},
{
"name": "CVE-2025-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1941"
},
{
"name": "CVE-2019-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2625"
},
{
"name": "CVE-2024-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
},
{
"name": "CVE-2025-8044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8044"
},
{
"name": "CVE-2021-35607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35607"
},
{
"name": "CVE-2019-2957",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2957"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2021-35625",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35625"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-21194",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
},
{
"name": "CVE-2021-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
},
{
"name": "CVE-2025-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
},
{
"name": "CVE-2019-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2494"
},
{
"name": "CVE-2025-8041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8041"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-2911",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2911"
},
{
"name": "CVE-2019-2802",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2802"
},
{
"name": "CVE-2022-21414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21414"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2021-2203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2203"
},
{
"name": "CVE-2019-2536",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2536"
},
{
"name": "CVE-2025-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
},
{
"name": "CVE-2021-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2208"
},
{
"name": "CVE-2019-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2923"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2024-21196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2021-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2422"
},
{
"name": "CVE-2020-14790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14790"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2022-21358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2024-21199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
},
{
"name": "CVE-2019-2967",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2967"
},
{
"name": "CVE-2018-3186",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3186"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-6435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6435"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2024-11692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11692"
},
{
"name": "CVE-2020-2930",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2930"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2021-2354",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2354"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-5189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5189"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-8901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8901"
},
{
"name": "CVE-2025-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2021-2367",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2367"
},
{
"name": "CVE-2025-0446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0446"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2021-35626",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35626"
},
{
"name": "CVE-2019-2535",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2535"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0435"
},
{
"name": "CVE-2021-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2384"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2020-14799",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14799"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2021-35632",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35632"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2019-2796",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2796"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
},
{
"name": "CVE-2023-4156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2020-14793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14793"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-0999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0999"
},
{
"name": "CVE-2025-1921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1921"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2021-2007",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2007"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2025-8882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8882"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2019-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2798"
},
{
"name": "CVE-2022-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2020-14789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14789"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-8577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8577"
},
{
"name": "CVE-2024-11699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11699"
},
{
"name": "CVE-2019-2789",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2789"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2020-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2893"
},
{
"name": "CVE-2020-14765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14765"
},
{
"name": "CVE-2025-3277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
},
{
"name": "CVE-2018-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3137"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2019-2784",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2784"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2025-4087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4087"
},
{
"name": "CVE-2025-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
},
{
"name": "CVE-2018-3286",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3286"
},
{
"name": "CVE-2021-35648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35648"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2025-3033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3033"
},
{
"name": "CVE-2025-8879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8879"
},
{
"name": "CVE-2020-14866",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14866"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2021-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2437"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2021-4193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2021-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2193"
},
{
"name": "CVE-2024-11395",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11395"
},
{
"name": "CVE-2020-2577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2577"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2019-2758",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2758"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2019-2810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2810"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2025-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
},
{
"name": "CVE-2021-2418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2418"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2019-2631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2631"
},
{
"name": "CVE-2019-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2805"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2023-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
},
{
"name": "CVE-2021-2411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2411"
},
{
"name": "CVE-2020-2790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2790"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2019-2623",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2623"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-6557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2021-35597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35597"
},
{
"name": "CVE-2025-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1916"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2021-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2425"
},
{
"name": "CVE-2025-1006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1006"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2022-21553",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21553"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2022-21301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
},
{
"name": "CVE-2021-2001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2001"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2021-2144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
},
{
"name": "CVE-2025-8582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8582"
},
{
"name": "CVE-2022-21264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
},
{
"name": "CVE-2020-14836",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14836"
},
{
"name": "CVE-2021-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3875"
},
{
"name": "CVE-2021-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2444"
},
{
"name": "CVE-2025-1933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1933"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2019-2785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2785"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2025-1942",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1942"
},
{
"name": "CVE-2025-0239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0239"
},
{
"name": "CVE-2021-2301",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2301"
},
{
"name": "CVE-2019-2797",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2797"
},
{
"name": "CVE-2020-2903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2903"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2022-21362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
},
{
"name": "CVE-2021-35628",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35628"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-5265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5265"
},
{
"name": "CVE-2024-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11697"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2019-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2686"
},
{
"name": "CVE-2021-2154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-2399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2399"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
},
{
"name": "CVE-2020-2627",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2627"
},
{
"name": "CVE-2022-21509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21509"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2005-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
},
{
"name": "CVE-2019-2946",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2946"
},
{
"name": "CVE-2025-8578",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8578"
},
{
"name": "CVE-2020-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14888"
},
{
"name": "CVE-2025-8039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8039"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2021-2010",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2010"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2021-35546",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35546"
},
{
"name": "CVE-2021-2298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2298"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2025-0442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0442"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2019-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2694"
},
{
"name": "CVE-2025-8580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8580"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-1930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1930"
},
{
"name": "CVE-2020-14809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14809"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2021-2339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2339"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-0997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0997"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2020-14550",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14550"
},
{
"name": "CVE-2021-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2018-3203",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3203"
},
{
"name": "CVE-2025-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0441"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2022-21457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21457"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2019-2822",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2822"
},
{
"name": "CVE-2019-2502",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2502"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2024-21212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2021-2032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2032"
},
{
"name": "CVE-2017-8046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
},
{
"name": "CVE-2019-2801",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2801"
},
{
"name": "CVE-2024-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2019-3011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3011"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2023-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2020-2926",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2926"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2020-14846",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14846"
},
{
"name": "CVE-2022-21249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
},
{
"name": "CVE-2024-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2021-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
},
{
"name": "CVE-2019-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2436"
},
{
"name": "CVE-2022-21265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
},
{
"name": "CVE-2022-21254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
},
{
"name": "CVE-2025-1009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
},
{
"name": "CVE-2025-9185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9185"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2024-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11695"
},
{
"name": "CVE-2025-6433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6433"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2019-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2513"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2020-14827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14827"
},
{
"name": "CVE-2025-6427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6427"
},
{
"name": "CVE-2019-2689",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2689"
},
{
"name": "CVE-2025-6430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6430"
},
{
"name": "CVE-2019-2747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2747"
},
{
"name": "CVE-2025-4092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4092"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2020-2904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2904"
},
{
"name": "CVE-2019-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2998"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2021-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
},
{
"name": "CVE-2021-35591",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35591"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0995"
},
{
"name": "CVE-2025-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6429"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2022-21455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21455"
},
{
"name": "CVE-2024-11704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2022-21413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21413"
},
{
"name": "CVE-2022-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0635"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
},
{
"name": "CVE-2018-3182",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3182"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2023-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2021-35637",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35637"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2025-1943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1943"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-5272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5272"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2021-20298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20298"
},
{
"name": "CVE-2023-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2019-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2624"
},
{
"name": "CVE-2021-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22055"
},
{
"name": "CVE-2020-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2812"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2025-6556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
},
{
"name": "CVE-2025-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8262"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2025-1917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1917"
},
{
"name": "CVE-2022-21256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2019-2687",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2687"
},
{
"name": "CVE-2025-8292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0444"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2020-14845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14845"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2022-21556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21556"
},
{
"name": "CVE-2025-4372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
},
{
"name": "CVE-2024-11691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11691"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2020-2896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2896"
},
{
"name": "CVE-2021-2410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2410"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2025-6426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6426"
},
{
"name": "CVE-2020-14800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14800"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8035"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
},
{
"name": "CVE-2021-2308",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2308"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2022-21368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-8579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8579"
},
{
"name": "CVE-2021-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2402"
},
{
"name": "CVE-2024-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-11705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11705"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
},
{
"name": "CVE-2020-2763",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2763"
},
{
"name": "CVE-2008-5728",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5728"
},
{
"name": "CVE-2025-6436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6436"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2020-14852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14852"
},
{
"name": "CVE-2019-2974",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2974"
},
{
"name": "CVE-2023-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
},
{
"name": "CVE-2024-11702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11702"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2025-8583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8583"
},
{
"name": "CVE-2025-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4083"
},
{
"name": "CVE-2020-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14868"
},
{
"name": "CVE-2020-14814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14814"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2020-14837",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14837"
},
{
"name": "CVE-2019-2644",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2644"
},
{
"name": "CVE-2025-1918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1918"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2020-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2589"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2021-2036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2036"
},
{
"name": "CVE-2024-21137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2021-2479",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2479"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2024-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2021-35629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35629"
},
{
"name": "CVE-2020-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2814"
},
{
"name": "CVE-2019-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2922"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-0243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0243"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2025-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1935"
},
{
"name": "CVE-2018-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3145"
},
{
"name": "CVE-2025-6425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6425"
},
{
"name": "CVE-2025-26519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
},
{
"name": "CVE-2021-2340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2340"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2022-21437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21437"
},
{
"name": "CVE-2022-21425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21425"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2025-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
},
{
"name": "CVE-2022-21537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21537"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2019-2580",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2580"
},
{
"name": "CVE-2023-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2022-21547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21547"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2019-2587",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2587"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2025-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8043"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2025-5270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5270"
},
{
"name": "CVE-2021-35627",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35627"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2019-2910",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2910"
},
{
"name": "CVE-2020-14539",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14539"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2019-2593",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2593"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2023-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-1940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1940"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2019-2963",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2963"
},
{
"name": "CVE-2021-2387",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2387"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2022-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2020-14672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14672"
},
{
"name": "CVE-2021-2293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2293"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2020-14830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14830"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2025-8010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
},
{
"name": "CVE-2021-2370",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2370"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2025-4082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4082"
},
{
"name": "CVE-2021-35644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35644"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8036"
},
{
"name": "CVE-2021-35631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35631"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-1915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1915"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8032"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2019-10782",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10782"
},
{
"name": "CVE-2024-11693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11693"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14893"
},
{
"name": "CVE-2021-35642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35642"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2019-2948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2948"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2021-2278",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2278"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2924"
},
{
"name": "CVE-2025-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3608"
},
{
"name": "CVE-2021-2226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
},
{
"name": "CVE-2021-25214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2020-2779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2779"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2023-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-6432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6432"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2025-3029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3029"
},
{
"name": "CVE-2025-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1934"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2020-14794",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14794"
},
{
"name": "CVE-2019-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2634"
},
{
"name": "CVE-2025-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3034"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2023-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
},
{
"name": "CVE-2020-14786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14786"
},
{
"name": "CVE-2023-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-9187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9187"
},
{
"name": "CVE-2021-35638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35638"
},
{
"name": "CVE-2022-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21534"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-9183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9183"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2008-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5742"
},
{
"name": "CVE-2024-10466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10466"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2019-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2533"
},
{
"name": "CVE-2025-4050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2020-14828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14828"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2020-2759",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2759"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-1937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1937"
},
{
"name": "CVE-2020-14812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14812"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2025-9184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9184"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2025-1014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2023-21879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0762"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11694"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2020-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2573"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2025-1018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
},
{
"name": "CVE-2020-2806",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2806"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2020-14838",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14838"
},
{
"name": "CVE-2019-2791",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2791"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2024-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2397"
},
{
"name": "CVE-2022-21378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
},
{
"name": "CVE-2025-8040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8040"
},
{
"name": "CVE-2024-10465",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10465"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-5068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2019-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2815"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2021-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2440"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2019-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2695"
},
{
"name": "CVE-2021-35634",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35634"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2021-2304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2304"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2021-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2018-3285",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3285"
},
{
"name": "CVE-2019-2738",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2738"
},
{
"name": "CVE-2025-1017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
},
{
"name": "CVE-2020-14821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14821"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2021-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2020-2572",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2572"
},
{
"name": "CVE-2020-2570",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2570"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2021-2060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2060"
},
{
"name": "CVE-2021-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2417"
},
{
"name": "CVE-2025-3035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3035"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2018-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3212"
},
{
"name": "CVE-2020-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2895"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21569"
},
{
"name": "CVE-2020-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2925"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2019-2636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2636"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-6424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6424"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2021-35622",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35622"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-1914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1914"
},
{
"name": "CVE-2025-8029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8029"
},
{
"name": "CVE-2025-5067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2021-2212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2212"
},
{
"name": "CVE-2019-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2691"
},
{
"name": "CVE-2021-2232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2232"
},
{
"name": "CVE-2019-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2812"
},
{
"name": "CVE-2025-9132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9132"
},
{
"name": "CVE-2021-35643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35643"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-2478",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2478"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2020-16156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-8038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8038"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2021-2481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2481"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2019-2739",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2739"
},
{
"name": "CVE-2015-2214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2214"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2019-2968",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2968"
},
{
"name": "CVE-2023-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22053"
},
{
"name": "CVE-2025-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0438"
},
{
"name": "CVE-2021-25219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2020-14776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14776"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2019-2688",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2688"
},
{
"name": "CVE-2020-14860",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14860"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2023-4320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4320"
},
{
"name": "CVE-2025-1922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1922"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2025-0437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0437"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2025-8028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8028"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2025-49709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49709"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2024-11706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11706"
},
{
"name": "CVE-2025-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2017-12629",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
},
{
"name": "CVE-2021-35645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35645"
},
{
"name": "CVE-2020-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2780"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-5063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
},
{
"name": "CVE-2018-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3195"
},
{
"name": "CVE-2025-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2020-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14567"
},
{
"name": "CVE-2019-2539",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2539"
},
{
"name": "CVE-2022-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21525"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2022-21352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-8011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
},
{
"name": "CVE-2025-0436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0436"
},
{
"name": "CVE-2023-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-0447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0447"
},
{
"name": "CVE-2021-2213",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2213"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2024-21209",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21209"
},
{
"name": "CVE-2025-8033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8033"
},
{
"name": "CVE-2021-22570",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2023-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
},
{
"name": "CVE-2020-2765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2765"
},
{
"name": "CVE-2020-14791",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14791"
},
{
"name": "CVE-2023-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-8030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8030"
},
{
"name": "CVE-2024-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11696"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2008-5730",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5730"
},
{
"name": "CVE-2021-2217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2217"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2019-9658",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9658"
},
{
"name": "CVE-2025-6191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2018-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1196"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2025-5271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5271"
},
{
"name": "CVE-2022-21374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
},
{
"name": "CVE-2021-35630",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35630"
},
{
"name": "CVE-2025-6554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
},
{
"name": "CVE-2025-5266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5266"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2020-14553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14553"
},
{
"name": "CVE-2025-8031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8031"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2022-21462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21462"
},
{
"name": "CVE-2019-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2584"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2019-2635",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2635"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2022-21478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21478"
},
{
"name": "CVE-2025-29087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
},
{
"name": "CVE-2019-2693",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2693"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2019-2741",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2741"
},
{
"name": "CVE-2025-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2022-21370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2426"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-1936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1936"
},
{
"name": "CVE-2025-5958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2019-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2950"
},
{
"name": "CVE-2025-0238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0238"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2021-35641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35641"
},
{
"name": "CVE-2025-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
},
{
"name": "CVE-2019-2620",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2620"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
},
{
"name": "CVE-2019-2960",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2960"
},
{
"name": "CVE-2025-0998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0998"
},
{
"name": "CVE-2022-21459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21459"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2019-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2795"
},
{
"name": "CVE-2021-2011",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2011"
},
{
"name": "CVE-2022-21412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21412"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2020-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2584"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2019-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2834"
},
{
"name": "CVE-2020-14775",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14775"
},
{
"name": "CVE-2022-21438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21438"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2020-14760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14760"
},
{
"name": "CVE-2021-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2383"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-1923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1923"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2021-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2022-21339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1938"
},
{
"name": "CVE-2023-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
},
{
"name": "CVE-2020-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2923"
},
{
"name": "CVE-2025-4919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4919"
},
{
"name": "CVE-2019-2681",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2681"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0240"
},
{
"name": "CVE-2023-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2019-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2757"
},
{
"name": "CVE-2020-14848",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14848"
},
{
"name": "CVE-2018-3280",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3280"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2020-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2924"
},
{
"name": "CVE-2025-8576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8576"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-1012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-5267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5267"
},
{
"name": "CVE-2022-27772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27772"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2025-6555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
},
{
"name": "CVE-2022-0396",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0396"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2025-0245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0245"
},
{
"name": "CVE-2019-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2830"
},
{
"name": "CVE-2021-35633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35633"
},
{
"name": "CVE-2024-10462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10462"
},
{
"name": "CVE-2023-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2020-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14867"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0756",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36093",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36102",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36101",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36100",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36105",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36091",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36078",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36107",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36094",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36097",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36108",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36095",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36096",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36106",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36109",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36098",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36103",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36099",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36092",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36110",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110"
}
]
}
CERTFR-2025-AVI-0967
Vulnerability from certfr_avis - Published: 2025-11-05 - Updated: 2025-11-05
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | File Integrity Monitoring pour VMware Tanzu Platform versions antérieures à 2.1.49 | ||
| VMware | Tanzu Platform | Cloud Service Broker pour Azure pour VMware Tanzu Platform versions antérieures à 1.13.1 | ||
| VMware | Tanzu Platform | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Platform | Scheduler pour VMware Tanzu Platform versions antérieures à 2.0.21 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.1.4 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Platform | .NET Core Buildpack versions antérieures à 2.4.64 | ||
| VMware | Tanzu Platform | VMware Tanzu Data Flow sur Tanzu Platform versions antérieures à 2.0.0 | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.4 | ||
| VMware | Tanzu Platform | CredHub Secrets Management pour VMware Tanzu Platform versions antérieures à 1.6.7 | ||
| VMware | Tanzu Platform | Extended App Support pour Tanzu Platform versions antérieures à 1.0.8 | ||
| VMware | Tanzu Platform | Go Buildpack versions antérieures à 1.10.57 | ||
| VMware | Tanzu Platform | VMware Tanzu RabbitMQ sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Platform | NodeJS Buildpack versions antérieures à 1.8.61 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.2.0 | ||
| VMware | Tanzu Platform | Application Services pour VMware Tanzu Platform versions antérieures à 3.3.11 | ||
| VMware | Tanzu Platform | IPsec Encryption pour VMware Tanzu Platform versions antérieures à 1.9.68 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "File Integrity Monitoring pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.1.49",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Service Broker pour Azure pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.13.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.21",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": ".NET Core Buildpack versions ant\u00e9rieures \u00e0 2.4.64",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu Data Flow sur Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Secrets Management pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.7",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.8",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Go Buildpack versions ant\u00e9rieures \u00e0 1.10.57",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu RabbitMQ sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.61",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Application Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.3.11",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "IPsec Encryption pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.9.68",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2024-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
},
{
"name": "CVE-2024-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2024-7409",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7409"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2024-6505",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6505"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-43484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43484"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-54798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54798"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2024-3447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3447"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2023-46809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46809"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38229"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-43483",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43483"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-58446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58446"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3446"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2024-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22019"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2024-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4467"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2023-30584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30584"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21892"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2024-43485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43485"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2024-8244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8244"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2023-39333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39333"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-11-05T00:00:00",
"last_revision_date": "2025-11-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0967",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36323",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36323"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36343",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36343"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36326"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36305",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36305"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36345",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36345"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36329"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36316"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36331"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36334",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36334"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36335",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36335"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36340",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36340"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36319",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36319"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36339",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36339"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36322",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36322"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36321",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36321"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36324"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36336",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36336"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36318",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36318"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36337",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36337"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36346",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36346"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36315"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36317",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36317"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36344",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36344"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36341",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36341"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36314",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36314"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36330"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36332",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36332"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36304",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36304"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36342",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36342"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36333",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36333"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36327"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36338",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36338"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36328"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36325"
}
]
}
CERTFR-2025-AVI-0622
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry Windows | ||
| VMware | N/A | Stemcells sans le dernier correctif de sécurité | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu | Anti-Virus sans le dernier correctif de sécurité pour Tanzu version 2.4.0 | ||
| VMware | Tanzu | Scheduler sans le dernier correctif de sécurité pour Tanzu version 2.0.19 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | GenAI sans le dernier correctif de sécurité pour Tanzu Platform pour Cloud Foundry version 10.2.1 | ||
| VMware | Tanzu Application Service | Tanzu Application Service versions antérieures à 1.16.11 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Services sans le dernier correctif de sécurité pour Tanzu version 3.3.8 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Data Flow sans le dernier correctif de sécurité pour Tanzu version 1.14.7 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Application Service | Single Sign-On sans le dernier correctif de sécurité pour Tanzu Application Service version 1.16.11 | ||
| VMware | Tanzu | File Integrity Monitoring sans le dernier correctif de sécurité pour Tanzu version 2.1.47 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Anti-Virus sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.4.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.0.19",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "GenAI sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Platform pour Cloud Foundry version 10.2.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 3.3.8",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 1.14.7",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Application Service version 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "File Integrity Monitoring sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.1.47",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2023-28755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28755"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2020-36843",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36843"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3445"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2024-21012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-24579",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24579"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-28948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2022-31030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2023-2253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2024-24557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2024-0406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0406"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30691"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2024-40635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2022-36056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36056"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2024-41909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41909"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2022-36109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2023-36617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36617"
},
{
"name": "CVE-2023-33199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33199"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2022-24769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2023-30551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30551"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-35929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35929"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-52587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52587"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2022-29173",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29173"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2024-29902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29902"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2025-47290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47290"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2024-27282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2023-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46737"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-4949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4949"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-28756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28756"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-29903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29903"
},
{
"name": "CVE-2025-4575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4575"
},
{
"name": "CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"name": "CVE-2025-32441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32441"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0622",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35981",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35981"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35967",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35967"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35980",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35980"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35974",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35974"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35979",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35979"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35984",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35984"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35970",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35970"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35983",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35983"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35978",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35978"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35968",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35968"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35973",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35973"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35976",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35976"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35969",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35969"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35966",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35966"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35972",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35972"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35977",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35977"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35982",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35982"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35971",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35971"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35975",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35975"
}
]
}
CERTFR-2025-AVI-0939
Vulnerability from certfr_avis - Published: 2025-10-30 - Updated: 2025-10-30
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk AppDynamics Analytics Agent | Splunk AppDynamics Analytics Agent versions 25.7.x antérieures à 25.7.0 | ||
| Splunk | Splunk AppDynamics Private Synthetic Agent | Splunk AppDynamics Private Synthetic Agent versions 25.7.x antérieures à 25.7.0 | ||
| Splunk | Splunk Operator for Kubernetes | Greffon Splunk Operator for Kubernetes versions 3.0.x antérieures à 3.0.0 | ||
| Splunk | Splunk AppDynamics Machine Agent | Splunk AppDynamics Machine Agent versions 25.7.x antérieures à 25.7.0 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk AppDynamics Analytics Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Analytics Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Private Synthetic Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Private Synthetic Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Greffon Splunk Operator for Kubernetes versions 3.0.x ant\u00e9rieures \u00e0 3.0.0",
"product": {
"name": "Splunk Operator for Kubernetes",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Machine Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Machine Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-45159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45159"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-3360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-48622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48622"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
}
],
"initial_release_date": "2025-10-30T00:00:00",
"last_revision_date": "2025-10-30T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0939",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1009",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1009"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1011",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1011"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1010",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1010"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1008",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1008"
}
]
}
CERTFR-2025-AVI-0754
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Gemfire | Tanzu GemFire Management Console versions antérieures à 1.4.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions antérieures à 7.5.4 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu GemFire Management Console versions ant\u00e9rieures \u00e0 1.4.0",
"product": {
"name": "Tanzu Gemfire",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 7.5.4",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2021-45078",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45078"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"name": "CVE-2022-44840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44840"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0754",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0094",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36085"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0095",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36086"
}
]
}
CERTFR-2025-AVI-0756
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 6.0.19+LTS-T | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 10.0.9 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T | ||
| VMware | Tanzu Operations Manager | Tanzu Operations Manager versions antérieures à 3.1.2 | ||
| VMware | Tanzu | Tanzu Scheduler versions antérieures à 2.0.20 | ||
| VMware | Tanzu | Spring Cloud Services for VMware Tanzu versions antérieures à 3.3.9 | ||
| VMware | Tanzu | Single Sign-On for VMware Tanzu Application Service versions antérieures à 1.16.12 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy Azure Light versions antérieures à 1.894 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy versions antérieures à 1.894 | ||
| VMware | Tanzu | Tanzu Hub versions antérieures à 10.2.1 | ||
| VMware | Tanzu | Java Buildpack versions antérieures à 4.84.0 | ||
| VMware | Tanzu | Tanzu for MySQL on Cloud Foundry versions antérieures à 10.0.2 | ||
| VMware | Tanzu | Tanzu GemFire versions antérieures à 10.1.4 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2025-4088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4088"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2021-35636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35636"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2025-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0448"
},
{
"name": "CVE-2021-35583",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35583"
},
{
"name": "CVE-2025-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3032"
},
{
"name": "CVE-2019-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2585"
},
{
"name": "CVE-2021-2352",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2352"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2021-3236",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3236"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2020-14861",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14861"
},
{
"name": "CVE-2025-0242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0242"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2021-35639",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35639"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2018-3279",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3279"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2019-2982",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2982"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2022-21253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2024-10467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10467"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2022-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21538"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2025-5281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2019-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2808"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-35575",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35575"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-8027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8027"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2022-21436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21436"
},
{
"name": "CVE-2025-2857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2857"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2020-14773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14773"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2023-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2023-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22015"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2019-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2589"
},
{
"name": "CVE-2023-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2022-21418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21418"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2021-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2441"
},
{
"name": "CVE-2025-1939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1939"
},
{
"name": "CVE-2023-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2020-2921",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2921"
},
{
"name": "CVE-2021-2357",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2357"
},
{
"name": "CVE-2025-0440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0440"
},
{
"name": "CVE-2024-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2025-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4091"
},
{
"name": "CVE-2025-5065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
},
{
"name": "CVE-2025-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0996"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2019-2596",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2596"
},
{
"name": "CVE-2019-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2879"
},
{
"name": "CVE-2025-0445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0445"
},
{
"name": "CVE-2019-2630",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2630"
},
{
"name": "CVE-2025-9308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9308"
},
{
"name": "CVE-2019-2607",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2607"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2022-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21522"
},
{
"name": "CVE-2024-10459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10459"
},
{
"name": "CVE-2019-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2495"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2023-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22026"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2020-14829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14829"
},
{
"name": "CVE-2020-14576",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14576"
},
{
"name": "CVE-2022-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21529"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2023-39017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39017"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0434"
},
{
"name": "CVE-2022-21435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21435"
},
{
"name": "CVE-2020-14777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14777"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2019-3003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3003"
},
{
"name": "CVE-2020-14839",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14839"
},
{
"name": "CVE-2019-3018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3018"
},
{
"name": "CVE-2021-35623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35623"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2025-8881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8881"
},
{
"name": "CVE-2019-2993",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2993"
},
{
"name": "CVE-2020-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2686"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2021-2170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2170"
},
{
"name": "CVE-2022-21379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
},
{
"name": "CVE-2021-2215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2215"
},
{
"name": "CVE-2020-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2752"
},
{
"name": "CVE-2025-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4609"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2021-2022",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2022"
},
{
"name": "CVE-2024-10461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10461"
},
{
"name": "CVE-2022-21526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21526"
},
{
"name": "CVE-2021-2172",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2172"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2022-21528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21528"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2021-2299",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2299"
},
{
"name": "CVE-2020-2892",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2892"
},
{
"name": "CVE-2025-5959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
},
{
"name": "CVE-2024-45772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
},
{
"name": "CVE-2016-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2149"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2023-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2021-35640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35640"
},
{
"name": "CVE-2024-10464",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10464"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2020-2853",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2853"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
},
{
"name": "CVE-2025-1414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1414"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2018-3170",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3170"
},
{
"name": "CVE-2020-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2774"
},
{
"name": "CVE-2020-14771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14771"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-3066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2019-2685",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2685"
},
{
"name": "CVE-2021-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2196"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-21197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2025-8037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8037"
},
{
"name": "CVE-2025-4918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4918"
},
{
"name": "CVE-2023-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2020-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14540"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-0439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0439"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2021-2305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2305"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-20304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20304"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-4090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4090"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2022-0667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0667"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2019-2740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2740"
},
{
"name": "CVE-2025-9180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9180"
},
{
"name": "CVE-2025-8581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8581"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-1919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1919"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-3030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3030"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2018-1273",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1273"
},
{
"name": "CVE-2022-21297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
},
{
"name": "CVE-2023-47100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47100"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2020-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2901"
},
{
"name": "CVE-2025-0241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0241"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2020-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2694"
},
{
"name": "CVE-2025-8034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8034"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-4664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
},
{
"name": "CVE-2021-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2021-35596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35596"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49710"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2021-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2427"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2019-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2819"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2022-21452",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21452"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2021-2164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2164"
},
{
"name": "CVE-2021-2374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2374"
},
{
"name": "CVE-2020-14547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14547"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2020-14870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14870"
},
{
"name": "CVE-2025-9182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9182"
},
{
"name": "CVE-2021-35612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35612"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22047"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2019-2811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2811"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2023-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2019-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2774"
},
{
"name": "CVE-2019-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2803"
},
{
"name": "CVE-2008-5727",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5727"
},
{
"name": "CVE-2025-1426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1426"
},
{
"name": "CVE-2025-6434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6434"
},
{
"name": "CVE-2020-14785",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14785"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2020-2760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2760"
},
{
"name": "CVE-2025-5066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
},
{
"name": "CVE-2021-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2424"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2019-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2814"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2019-2606",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2606"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2022-21530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21530"
},
{
"name": "CVE-2024-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11698"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2020-14891",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14891"
},
{
"name": "CVE-2019-2966",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2966"
},
{
"name": "CVE-2022-21415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21415"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2021-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2019-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2780"
},
{
"name": "CVE-2025-5064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35537"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2019-2530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2530"
},
{
"name": "CVE-2019-2743",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2743"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2023-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22007"
},
{
"name": "CVE-2019-2737",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2737"
},
{
"name": "CVE-2018-1000169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2023-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2025-1931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1931"
},
{
"name": "CVE-2025-0612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0612"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2021-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2025-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
},
{
"name": "CVE-2024-7012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7012"
},
{
"name": "CVE-2025-0237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0237"
},
{
"name": "CVE-2019-2991",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2991"
},
{
"name": "CVE-2025-5264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5264"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2020-14804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14804"
},
{
"name": "CVE-2013-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1548"
},
{
"name": "CVE-2019-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2752"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2020-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2804"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2025-5115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
},
{
"name": "CVE-2025-4085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4085"
},
{
"name": "CVE-2022-21302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
},
{
"name": "CVE-2021-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2412"
},
{
"name": "CVE-2019-2997",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2997"
},
{
"name": "CVE-2025-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3028"
},
{
"name": "CVE-2019-2746",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2746"
},
{
"name": "CVE-2025-9181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9181"
},
{
"name": "CVE-2025-6192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
},
{
"name": "CVE-2025-2817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2817"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2025-5268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5268"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2022-21517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21517"
},
{
"name": "CVE-2019-3004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3004"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2019-2826",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2826"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2024-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
},
{
"name": "CVE-2020-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2928"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2019-2914",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2914"
},
{
"name": "CVE-2020-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14844"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-2770",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2770"
},
{
"name": "CVE-2021-35608",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35608"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2021-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2201"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2008-5729",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5729"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2023-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2019-2617",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2617"
},
{
"name": "CVE-2024-21201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
},
{
"name": "CVE-2021-35647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35647"
},
{
"name": "CVE-2020-14559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14559"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-1932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1932"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2022-21539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21539"
},
{
"name": "CVE-2025-3072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-0451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0451"
},
{
"name": "CVE-2022-21440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21440"
},
{
"name": "CVE-2023-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2020-2761",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2761"
},
{
"name": "CVE-2022-21531",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21531"
},
{
"name": "CVE-2024-10458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10458"
},
{
"name": "CVE-2024-10463",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10463"
},
{
"name": "CVE-2021-2300",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2300"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2024-10468",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10468"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
},
{
"name": "CVE-2020-14873",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14873"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-11703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11703"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2019-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2626"
},
{
"name": "CVE-2025-1010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
},
{
"name": "CVE-2022-21479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21479"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2023-46129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46129"
},
{
"name": "CVE-2024-10460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10460"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2019-3009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3009"
},
{
"name": "CVE-2021-2307",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
},
{
"name": "CVE-2025-8880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8880"
},
{
"name": "CVE-2020-2679",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2679"
},
{
"name": "CVE-2019-2938",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2938"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2023-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
},
{
"name": "CVE-2023-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
},
{
"name": "CVE-2021-2014",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2014"
},
{
"name": "CVE-2021-2230",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2230"
},
{
"name": "CVE-2023-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2022-21515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21515"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2020-2897",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2897"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-1920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-4089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4089"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2020-2574",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2574"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2020-14769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14769"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2022-21527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21527"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-31047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31047"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2016-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2160"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-9179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9179"
},
{
"name": "CVE-2021-23169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23169"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2021-35635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35635"
},
{
"name": "CVE-2025-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
},
{
"name": "CVE-2025-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-3031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3031"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-4096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2021-35610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35610"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2429"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-11700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11700"
},
{
"name": "CVE-2024-11708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11708"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2020-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2922"
},
{
"name": "CVE-2020-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2660"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2024-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2019-2969",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2969"
},
{
"name": "CVE-2025-0247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0247"
},
{
"name": "CVE-2025-5263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5263"
},
{
"name": "CVE-2017-12195",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12195"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-35602",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35602"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2021-2146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
},
{
"name": "CVE-2024-11701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11701"
},
{
"name": "CVE-2023-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
},
{
"name": "CVE-2025-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0443"
},
{
"name": "CVE-2025-1019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-35577",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35577"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2020-14869",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14869"
},
{
"name": "CVE-2021-35646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35646"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2020-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2579"
},
{
"name": "CVE-2019-2778",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2778"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-4052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
},
{
"name": "CVE-2025-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1941"
},
{
"name": "CVE-2019-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2625"
},
{
"name": "CVE-2024-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
},
{
"name": "CVE-2025-8044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8044"
},
{
"name": "CVE-2021-35607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35607"
},
{
"name": "CVE-2019-2957",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2957"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2021-35625",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35625"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-21194",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
},
{
"name": "CVE-2021-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
},
{
"name": "CVE-2025-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
},
{
"name": "CVE-2019-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2494"
},
{
"name": "CVE-2025-8041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8041"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-2911",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2911"
},
{
"name": "CVE-2019-2802",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2802"
},
{
"name": "CVE-2022-21414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21414"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2021-2203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2203"
},
{
"name": "CVE-2019-2536",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2536"
},
{
"name": "CVE-2025-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
},
{
"name": "CVE-2021-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2208"
},
{
"name": "CVE-2019-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2923"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2024-21196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2021-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2422"
},
{
"name": "CVE-2020-14790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14790"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2022-21358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2024-21199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
},
{
"name": "CVE-2019-2967",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2967"
},
{
"name": "CVE-2018-3186",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3186"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-6435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6435"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2024-11692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11692"
},
{
"name": "CVE-2020-2930",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2930"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2021-2354",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2354"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-5189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5189"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-8901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8901"
},
{
"name": "CVE-2025-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2021-2367",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2367"
},
{
"name": "CVE-2025-0446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0446"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2021-35626",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35626"
},
{
"name": "CVE-2019-2535",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2535"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0435"
},
{
"name": "CVE-2021-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2384"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2020-14799",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14799"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2021-35632",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35632"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2019-2796",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2796"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
},
{
"name": "CVE-2023-4156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2020-14793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14793"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-0999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0999"
},
{
"name": "CVE-2025-1921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1921"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2021-2007",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2007"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2025-8882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8882"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2019-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2798"
},
{
"name": "CVE-2022-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2020-14789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14789"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-8577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8577"
},
{
"name": "CVE-2024-11699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11699"
},
{
"name": "CVE-2019-2789",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2789"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2020-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2893"
},
{
"name": "CVE-2020-14765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14765"
},
{
"name": "CVE-2025-3277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
},
{
"name": "CVE-2018-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3137"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2019-2784",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2784"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2025-4087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4087"
},
{
"name": "CVE-2025-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
},
{
"name": "CVE-2018-3286",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3286"
},
{
"name": "CVE-2021-35648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35648"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2025-3033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3033"
},
{
"name": "CVE-2025-8879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8879"
},
{
"name": "CVE-2020-14866",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14866"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2021-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2437"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2021-4193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2021-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2193"
},
{
"name": "CVE-2024-11395",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11395"
},
{
"name": "CVE-2020-2577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2577"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2019-2758",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2758"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2019-2810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2810"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2025-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
},
{
"name": "CVE-2021-2418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2418"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2019-2631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2631"
},
{
"name": "CVE-2019-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2805"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2023-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
},
{
"name": "CVE-2021-2411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2411"
},
{
"name": "CVE-2020-2790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2790"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2019-2623",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2623"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-6557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2021-35597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35597"
},
{
"name": "CVE-2025-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1916"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2021-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2425"
},
{
"name": "CVE-2025-1006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1006"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2022-21553",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21553"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2022-21301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
},
{
"name": "CVE-2021-2001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2001"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2021-2144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
},
{
"name": "CVE-2025-8582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8582"
},
{
"name": "CVE-2022-21264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
},
{
"name": "CVE-2020-14836",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14836"
},
{
"name": "CVE-2021-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3875"
},
{
"name": "CVE-2021-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2444"
},
{
"name": "CVE-2025-1933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1933"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2019-2785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2785"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2025-1942",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1942"
},
{
"name": "CVE-2025-0239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0239"
},
{
"name": "CVE-2021-2301",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2301"
},
{
"name": "CVE-2019-2797",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2797"
},
{
"name": "CVE-2020-2903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2903"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2022-21362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
},
{
"name": "CVE-2021-35628",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35628"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-5265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5265"
},
{
"name": "CVE-2024-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11697"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2019-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2686"
},
{
"name": "CVE-2021-2154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-2399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2399"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
},
{
"name": "CVE-2020-2627",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2627"
},
{
"name": "CVE-2022-21509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21509"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2005-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
},
{
"name": "CVE-2019-2946",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2946"
},
{
"name": "CVE-2025-8578",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8578"
},
{
"name": "CVE-2020-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14888"
},
{
"name": "CVE-2025-8039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8039"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2021-2010",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2010"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2021-35546",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35546"
},
{
"name": "CVE-2021-2298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2298"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2025-0442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0442"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2019-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2694"
},
{
"name": "CVE-2025-8580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8580"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-1930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1930"
},
{
"name": "CVE-2020-14809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14809"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2021-2339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2339"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-0997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0997"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2020-14550",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14550"
},
{
"name": "CVE-2021-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2018-3203",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3203"
},
{
"name": "CVE-2025-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0441"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2022-21457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21457"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2019-2822",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2822"
},
{
"name": "CVE-2019-2502",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2502"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2024-21212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2021-2032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2032"
},
{
"name": "CVE-2017-8046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
},
{
"name": "CVE-2019-2801",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2801"
},
{
"name": "CVE-2024-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2019-3011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3011"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2023-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2020-2926",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2926"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2020-14846",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14846"
},
{
"name": "CVE-2022-21249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
},
{
"name": "CVE-2024-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2021-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
},
{
"name": "CVE-2019-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2436"
},
{
"name": "CVE-2022-21265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
},
{
"name": "CVE-2022-21254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
},
{
"name": "CVE-2025-1009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
},
{
"name": "CVE-2025-9185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9185"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2024-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11695"
},
{
"name": "CVE-2025-6433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6433"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2019-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2513"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2020-14827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14827"
},
{
"name": "CVE-2025-6427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6427"
},
{
"name": "CVE-2019-2689",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2689"
},
{
"name": "CVE-2025-6430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6430"
},
{
"name": "CVE-2019-2747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2747"
},
{
"name": "CVE-2025-4092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4092"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2020-2904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2904"
},
{
"name": "CVE-2019-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2998"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2021-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
},
{
"name": "CVE-2021-35591",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35591"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0995"
},
{
"name": "CVE-2025-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6429"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2022-21455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21455"
},
{
"name": "CVE-2024-11704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2022-21413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21413"
},
{
"name": "CVE-2022-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0635"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
},
{
"name": "CVE-2018-3182",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3182"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2023-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2021-35637",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35637"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2025-1943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1943"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-5272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5272"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2021-20298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20298"
},
{
"name": "CVE-2023-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2019-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2624"
},
{
"name": "CVE-2021-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22055"
},
{
"name": "CVE-2020-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2812"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2025-6556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
},
{
"name": "CVE-2025-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8262"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2025-1917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1917"
},
{
"name": "CVE-2022-21256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2019-2687",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2687"
},
{
"name": "CVE-2025-8292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0444"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2020-14845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14845"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2022-21556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21556"
},
{
"name": "CVE-2025-4372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
},
{
"name": "CVE-2024-11691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11691"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2020-2896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2896"
},
{
"name": "CVE-2021-2410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2410"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2025-6426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6426"
},
{
"name": "CVE-2020-14800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14800"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8035"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
},
{
"name": "CVE-2021-2308",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2308"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2022-21368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-8579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8579"
},
{
"name": "CVE-2021-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2402"
},
{
"name": "CVE-2024-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-11705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11705"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
},
{
"name": "CVE-2020-2763",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2763"
},
{
"name": "CVE-2008-5728",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5728"
},
{
"name": "CVE-2025-6436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6436"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2020-14852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14852"
},
{
"name": "CVE-2019-2974",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2974"
},
{
"name": "CVE-2023-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
},
{
"name": "CVE-2024-11702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11702"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2025-8583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8583"
},
{
"name": "CVE-2025-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4083"
},
{
"name": "CVE-2020-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14868"
},
{
"name": "CVE-2020-14814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14814"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2020-14837",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14837"
},
{
"name": "CVE-2019-2644",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2644"
},
{
"name": "CVE-2025-1918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1918"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2020-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2589"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2021-2036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2036"
},
{
"name": "CVE-2024-21137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2021-2479",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2479"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2024-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2021-35629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35629"
},
{
"name": "CVE-2020-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2814"
},
{
"name": "CVE-2019-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2922"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-0243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0243"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2025-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1935"
},
{
"name": "CVE-2018-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3145"
},
{
"name": "CVE-2025-6425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6425"
},
{
"name": "CVE-2025-26519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
},
{
"name": "CVE-2021-2340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2340"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2022-21437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21437"
},
{
"name": "CVE-2022-21425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21425"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2025-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
},
{
"name": "CVE-2022-21537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21537"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2019-2580",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2580"
},
{
"name": "CVE-2023-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2022-21547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21547"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2019-2587",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2587"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2025-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8043"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2025-5270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5270"
},
{
"name": "CVE-2021-35627",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35627"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2019-2910",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2910"
},
{
"name": "CVE-2020-14539",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14539"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2019-2593",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2593"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2023-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-1940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1940"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2019-2963",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2963"
},
{
"name": "CVE-2021-2387",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2387"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2022-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2020-14672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14672"
},
{
"name": "CVE-2021-2293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2293"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2020-14830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14830"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2025-8010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
},
{
"name": "CVE-2021-2370",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2370"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2025-4082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4082"
},
{
"name": "CVE-2021-35644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35644"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8036"
},
{
"name": "CVE-2021-35631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35631"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-1915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1915"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8032"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2019-10782",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10782"
},
{
"name": "CVE-2024-11693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11693"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14893"
},
{
"name": "CVE-2021-35642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35642"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2019-2948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2948"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2021-2278",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2278"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2924"
},
{
"name": "CVE-2025-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3608"
},
{
"name": "CVE-2021-2226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
},
{
"name": "CVE-2021-25214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2020-2779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2779"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2023-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-6432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6432"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2025-3029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3029"
},
{
"name": "CVE-2025-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1934"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2020-14794",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14794"
},
{
"name": "CVE-2019-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2634"
},
{
"name": "CVE-2025-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3034"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2023-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
},
{
"name": "CVE-2020-14786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14786"
},
{
"name": "CVE-2023-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-9187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9187"
},
{
"name": "CVE-2021-35638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35638"
},
{
"name": "CVE-2022-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21534"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-9183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9183"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2008-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5742"
},
{
"name": "CVE-2024-10466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10466"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2019-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2533"
},
{
"name": "CVE-2025-4050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2020-14828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14828"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2020-2759",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2759"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-1937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1937"
},
{
"name": "CVE-2020-14812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14812"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2025-9184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9184"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2025-1014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2023-21879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0762"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11694"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2020-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2573"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2025-1018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
},
{
"name": "CVE-2020-2806",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2806"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2020-14838",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14838"
},
{
"name": "CVE-2019-2791",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2791"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2024-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2397"
},
{
"name": "CVE-2022-21378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
},
{
"name": "CVE-2025-8040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8040"
},
{
"name": "CVE-2024-10465",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10465"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-5068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2019-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2815"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2021-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2440"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2019-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2695"
},
{
"name": "CVE-2021-35634",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35634"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2021-2304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2304"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2021-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2018-3285",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3285"
},
{
"name": "CVE-2019-2738",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2738"
},
{
"name": "CVE-2025-1017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
},
{
"name": "CVE-2020-14821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14821"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2021-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2020-2572",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2572"
},
{
"name": "CVE-2020-2570",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2570"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2021-2060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2060"
},
{
"name": "CVE-2021-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2417"
},
{
"name": "CVE-2025-3035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3035"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2018-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3212"
},
{
"name": "CVE-2020-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2895"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21569"
},
{
"name": "CVE-2020-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2925"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2019-2636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2636"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-6424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6424"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2021-35622",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35622"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-1914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1914"
},
{
"name": "CVE-2025-8029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8029"
},
{
"name": "CVE-2025-5067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2021-2212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2212"
},
{
"name": "CVE-2019-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2691"
},
{
"name": "CVE-2021-2232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2232"
},
{
"name": "CVE-2019-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2812"
},
{
"name": "CVE-2025-9132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9132"
},
{
"name": "CVE-2021-35643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35643"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-2478",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2478"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2020-16156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-8038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8038"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2021-2481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2481"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2019-2739",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2739"
},
{
"name": "CVE-2015-2214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2214"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2019-2968",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2968"
},
{
"name": "CVE-2023-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22053"
},
{
"name": "CVE-2025-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0438"
},
{
"name": "CVE-2021-25219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2020-14776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14776"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2019-2688",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2688"
},
{
"name": "CVE-2020-14860",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14860"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2023-4320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4320"
},
{
"name": "CVE-2025-1922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1922"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2025-0437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0437"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2025-8028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8028"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2025-49709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49709"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2024-11706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11706"
},
{
"name": "CVE-2025-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2017-12629",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
},
{
"name": "CVE-2021-35645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35645"
},
{
"name": "CVE-2020-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2780"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-5063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
},
{
"name": "CVE-2018-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3195"
},
{
"name": "CVE-2025-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2020-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14567"
},
{
"name": "CVE-2019-2539",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2539"
},
{
"name": "CVE-2022-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21525"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2022-21352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-8011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
},
{
"name": "CVE-2025-0436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0436"
},
{
"name": "CVE-2023-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-0447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0447"
},
{
"name": "CVE-2021-2213",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2213"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2024-21209",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21209"
},
{
"name": "CVE-2025-8033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8033"
},
{
"name": "CVE-2021-22570",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2023-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
},
{
"name": "CVE-2020-2765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2765"
},
{
"name": "CVE-2020-14791",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14791"
},
{
"name": "CVE-2023-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-8030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8030"
},
{
"name": "CVE-2024-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11696"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2008-5730",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5730"
},
{
"name": "CVE-2021-2217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2217"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2019-9658",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9658"
},
{
"name": "CVE-2025-6191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2018-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1196"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2025-5271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5271"
},
{
"name": "CVE-2022-21374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
},
{
"name": "CVE-2021-35630",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35630"
},
{
"name": "CVE-2025-6554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
},
{
"name": "CVE-2025-5266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5266"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2020-14553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14553"
},
{
"name": "CVE-2025-8031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8031"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2022-21462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21462"
},
{
"name": "CVE-2019-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2584"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2019-2635",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2635"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2022-21478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21478"
},
{
"name": "CVE-2025-29087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
},
{
"name": "CVE-2019-2693",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2693"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2019-2741",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2741"
},
{
"name": "CVE-2025-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2022-21370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2426"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-1936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1936"
},
{
"name": "CVE-2025-5958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2019-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2950"
},
{
"name": "CVE-2025-0238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0238"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2021-35641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35641"
},
{
"name": "CVE-2025-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
},
{
"name": "CVE-2019-2620",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2620"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
},
{
"name": "CVE-2019-2960",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2960"
},
{
"name": "CVE-2025-0998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0998"
},
{
"name": "CVE-2022-21459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21459"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2019-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2795"
},
{
"name": "CVE-2021-2011",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2011"
},
{
"name": "CVE-2022-21412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21412"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2020-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2584"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2019-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2834"
},
{
"name": "CVE-2020-14775",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14775"
},
{
"name": "CVE-2022-21438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21438"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2020-14760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14760"
},
{
"name": "CVE-2021-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2383"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-1923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1923"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2021-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2022-21339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1938"
},
{
"name": "CVE-2023-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
},
{
"name": "CVE-2020-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2923"
},
{
"name": "CVE-2025-4919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4919"
},
{
"name": "CVE-2019-2681",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2681"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0240"
},
{
"name": "CVE-2023-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2019-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2757"
},
{
"name": "CVE-2020-14848",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14848"
},
{
"name": "CVE-2018-3280",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3280"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2020-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2924"
},
{
"name": "CVE-2025-8576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8576"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-1012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-5267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5267"
},
{
"name": "CVE-2022-27772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27772"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2025-6555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
},
{
"name": "CVE-2022-0396",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0396"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2025-0245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0245"
},
{
"name": "CVE-2019-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2830"
},
{
"name": "CVE-2021-35633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35633"
},
{
"name": "CVE-2024-10462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10462"
},
{
"name": "CVE-2023-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2020-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14867"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0756",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36093",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36102",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36101",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36100",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36105",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36091",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36078",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36107",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36094",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36097",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36108",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36095",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36096",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36106",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36109",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36098",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36103",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36099",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36092",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36110",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110"
}
]
}
CERTFR-2025-AVI-0960
Vulnerability from certfr_avis - Published: 2025-11-04 - Updated: 2025-11-04
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu RabbitMQ | Tanzu RabbitMQ sur Kubernetes versions v4.0.x antérieures à v4.0.16 | ||
| VMware | Tanzu Greenplum | Cloud Service Broker pour AWS pour VMware Tanzu Platform versions antérieures à 1.15.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server versions antérieures à 2.2.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions antérieures à Upgrade 1.10.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Backup and Restore versions antérieures à 1.32.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Data Copy Utility versions antérieures à 2.9.0 | ||
| VMware | Tanzu RabbitMQ | Tanzu RabbitMQ sur Kubernetes versions v4.1.x antérieures à v4.1.5 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum SQL Editor versions antérieures à 1.2.0 | ||
| VMware | Tanzu RabbitMQ | Tanzu RabbitMQ sur Kubernetes versions v3.13.x antérieures à v3.13.11 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu RabbitMQ sur Kubernetes versions v4.0.x ant\u00e9rieures \u00e0 v4.0.16",
"product": {
"name": "Tanzu RabbitMQ",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Service Broker pour AWS pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.15.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server versions ant\u00e9rieures \u00e0 2.2.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 Upgrade 1.10.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Backup and Restore versions ant\u00e9rieures \u00e0 1.32.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Data Copy Utility versions ant\u00e9rieures \u00e0 2.9.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ sur Kubernetes versions v4.1.x ant\u00e9rieures \u00e0 v4.1.5",
"product": {
"name": "Tanzu RabbitMQ",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum SQL Editor versions ant\u00e9rieures \u00e0 1.2.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ sur Kubernetes versions v3.13.x ant\u00e9rieures \u00e0 v3.13.11",
"product": {
"name": "Tanzu RabbitMQ",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
}
],
"initial_release_date": "2025-11-04T00:00:00",
"last_revision_date": "2025-11-04T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0960",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36296",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36296"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36302",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36302"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36297",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36297"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36300",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36300"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36298",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36298"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36299",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36299"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36301",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36301"
}
]
}
CERTFR-2025-AVI-0967
Vulnerability from certfr_avis - Published: 2025-11-05 - Updated: 2025-11-05
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | File Integrity Monitoring pour VMware Tanzu Platform versions antérieures à 2.1.49 | ||
| VMware | Tanzu Platform | Cloud Service Broker pour Azure pour VMware Tanzu Platform versions antérieures à 1.13.1 | ||
| VMware | Tanzu Platform | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Platform | Scheduler pour VMware Tanzu Platform versions antérieures à 2.0.21 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.1.4 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Platform | .NET Core Buildpack versions antérieures à 2.4.64 | ||
| VMware | Tanzu Platform | VMware Tanzu Data Flow sur Tanzu Platform versions antérieures à 2.0.0 | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.4 | ||
| VMware | Tanzu Platform | CredHub Secrets Management pour VMware Tanzu Platform versions antérieures à 1.6.7 | ||
| VMware | Tanzu Platform | Extended App Support pour Tanzu Platform versions antérieures à 1.0.8 | ||
| VMware | Tanzu Platform | Go Buildpack versions antérieures à 1.10.57 | ||
| VMware | Tanzu Platform | VMware Tanzu RabbitMQ sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Platform | NodeJS Buildpack versions antérieures à 1.8.61 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.2.0 | ||
| VMware | Tanzu Platform | Application Services pour VMware Tanzu Platform versions antérieures à 3.3.11 | ||
| VMware | Tanzu Platform | IPsec Encryption pour VMware Tanzu Platform versions antérieures à 1.9.68 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "File Integrity Monitoring pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.1.49",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Service Broker pour Azure pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.13.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.21",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": ".NET Core Buildpack versions ant\u00e9rieures \u00e0 2.4.64",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu Data Flow sur Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Secrets Management pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.7",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.8",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Go Buildpack versions ant\u00e9rieures \u00e0 1.10.57",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu RabbitMQ sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.61",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Application Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.3.11",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "IPsec Encryption pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.9.68",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2024-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
},
{
"name": "CVE-2024-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2024-7409",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7409"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2024-6505",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6505"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-43484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43484"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-54798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54798"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2024-3447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3447"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2023-46809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46809"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38229"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-43483",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43483"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-58446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58446"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3446"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2024-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22019"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2024-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4467"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2023-30584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30584"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21892"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2024-43485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43485"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2024-8244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8244"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2023-39333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39333"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-11-05T00:00:00",
"last_revision_date": "2025-11-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0967",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36323",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36323"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36343",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36343"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36326"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36305",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36305"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36345",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36345"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36329"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36316"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36331"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36334",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36334"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36335",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36335"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36340",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36340"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36319",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36319"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36339",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36339"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36322",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36322"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36321",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36321"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36324"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36336",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36336"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36318",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36318"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36337",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36337"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36346",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36346"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36315"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36317",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36317"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36344",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36344"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36341",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36341"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36314",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36314"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36330"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36332",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36332"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36304",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36304"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36342",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36342"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36333",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36333"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36327"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36338",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36338"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36328"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36325"
}
]
}
CERTFR-2025-AVI-0532
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Universal Forwarder | Universal Forwarder versions 9.3.x antérieures à 9.3.4 | ||
| Splunk | Splunk Operator for Kubernetes | Splunk Operator for Kubernetes versions antérieures à 2.8.0 | ||
| Splunk | Universal Forwarder | Universal Forwarder versions 9.2.x antérieures à 9.2.6 | ||
| Splunk | Splunk | Splunk versions 9.3.x antérieures à 9.3.4 | ||
| Splunk | Universal Forwarder | Universal Forwarder versions 9.4.x antérieures à 9.4.2 | ||
| Splunk | Universal Forwarder | Universal Forwarder versions 9.1.x antérieures à 9.1.9 | ||
| Splunk | Splunk | Splunk versions 9.1.x antérieures à 9.1.9 | ||
| Splunk | Splunk | Splunk versions 9.2.x antérieures à 9.2.6 | ||
| Splunk | Splunk | Splunk versions 9.4.x antérieures à 9.4.2 | ||
| Splunk | Splunk AppDynamics Smart Agent | Splunk AppDynamics Smart Agent versions antérieures à 25.5.1 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Universal Forwarder versions 9.3.x ant\u00e9rieures \u00e0 9.3.4",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Operator for Kubernetes versions ant\u00e9rieures \u00e0 2.8.0",
"product": {
"name": "Splunk Operator for Kubernetes",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarder versions 9.2.x ant\u00e9rieures \u00e0 9.2.6",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk versions 9.3.x ant\u00e9rieures \u00e0 9.3.4",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarder versions 9.4.x ant\u00e9rieures \u00e0 9.4.2",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarder versions 9.1.x ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk versions 9.1.x ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk versions 9.2.x ant\u00e9rieures \u00e0 9.2.6",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk versions 9.4.x ant\u00e9rieures \u00e0 9.4.2",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Smart Agent versions ant\u00e9rieures \u00e0 25.5.1",
"product": {
"name": "Splunk AppDynamics Smart Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0532",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0607",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0607"
},
{
"published_at": "2025-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0610",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0610"
},
{
"published_at": "2025-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0608",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0608"
},
{
"published_at": "2025-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0609",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0609"
}
]
}
CERTFR-2025-AVI-0960
Vulnerability from certfr_avis - Published: 2025-11-04 - Updated: 2025-11-04
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu RabbitMQ | Tanzu RabbitMQ sur Kubernetes versions v4.0.x antérieures à v4.0.16 | ||
| VMware | Tanzu Greenplum | Cloud Service Broker pour AWS pour VMware Tanzu Platform versions antérieures à 1.15.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server versions antérieures à 2.2.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions antérieures à Upgrade 1.10.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Backup and Restore versions antérieures à 1.32.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Data Copy Utility versions antérieures à 2.9.0 | ||
| VMware | Tanzu RabbitMQ | Tanzu RabbitMQ sur Kubernetes versions v4.1.x antérieures à v4.1.5 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum SQL Editor versions antérieures à 1.2.0 | ||
| VMware | Tanzu RabbitMQ | Tanzu RabbitMQ sur Kubernetes versions v3.13.x antérieures à v3.13.11 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu RabbitMQ sur Kubernetes versions v4.0.x ant\u00e9rieures \u00e0 v4.0.16",
"product": {
"name": "Tanzu RabbitMQ",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Service Broker pour AWS pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.15.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server versions ant\u00e9rieures \u00e0 2.2.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 Upgrade 1.10.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Backup and Restore versions ant\u00e9rieures \u00e0 1.32.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Data Copy Utility versions ant\u00e9rieures \u00e0 2.9.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ sur Kubernetes versions v4.1.x ant\u00e9rieures \u00e0 v4.1.5",
"product": {
"name": "Tanzu RabbitMQ",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum SQL Editor versions ant\u00e9rieures \u00e0 1.2.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ sur Kubernetes versions v3.13.x ant\u00e9rieures \u00e0 v3.13.11",
"product": {
"name": "Tanzu RabbitMQ",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
}
],
"initial_release_date": "2025-11-04T00:00:00",
"last_revision_date": "2025-11-04T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0960",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36296",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36296"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36302",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36302"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36297",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36297"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36300",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36300"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36298",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36298"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36299",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36299"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36301",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36301"
}
]
}
CERTFR-2025-AVI-0939
Vulnerability from certfr_avis - Published: 2025-10-30 - Updated: 2025-10-30
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk AppDynamics Analytics Agent | Splunk AppDynamics Analytics Agent versions 25.7.x antérieures à 25.7.0 | ||
| Splunk | Splunk AppDynamics Private Synthetic Agent | Splunk AppDynamics Private Synthetic Agent versions 25.7.x antérieures à 25.7.0 | ||
| Splunk | Splunk Operator for Kubernetes | Greffon Splunk Operator for Kubernetes versions 3.0.x antérieures à 3.0.0 | ||
| Splunk | Splunk AppDynamics Machine Agent | Splunk AppDynamics Machine Agent versions 25.7.x antérieures à 25.7.0 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk AppDynamics Analytics Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Analytics Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Private Synthetic Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Private Synthetic Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Greffon Splunk Operator for Kubernetes versions 3.0.x ant\u00e9rieures \u00e0 3.0.0",
"product": {
"name": "Splunk Operator for Kubernetes",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Machine Agent versions 25.7.x ant\u00e9rieures \u00e0 25.7.0",
"product": {
"name": "Splunk AppDynamics Machine Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-45159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45159"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-3360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-48622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48622"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
}
],
"initial_release_date": "2025-10-30T00:00:00",
"last_revision_date": "2025-10-30T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0939",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1009",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1009"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1011",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1011"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1010",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1010"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-1008",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1008"
}
]
}
CERTFR-2025-AVI-0532
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Universal Forwarder | Universal Forwarder versions 9.3.x antérieures à 9.3.4 | ||
| Splunk | Splunk Operator for Kubernetes | Splunk Operator for Kubernetes versions antérieures à 2.8.0 | ||
| Splunk | Universal Forwarder | Universal Forwarder versions 9.2.x antérieures à 9.2.6 | ||
| Splunk | Splunk | Splunk versions 9.3.x antérieures à 9.3.4 | ||
| Splunk | Universal Forwarder | Universal Forwarder versions 9.4.x antérieures à 9.4.2 | ||
| Splunk | Universal Forwarder | Universal Forwarder versions 9.1.x antérieures à 9.1.9 | ||
| Splunk | Splunk | Splunk versions 9.1.x antérieures à 9.1.9 | ||
| Splunk | Splunk | Splunk versions 9.2.x antérieures à 9.2.6 | ||
| Splunk | Splunk | Splunk versions 9.4.x antérieures à 9.4.2 | ||
| Splunk | Splunk AppDynamics Smart Agent | Splunk AppDynamics Smart Agent versions antérieures à 25.5.1 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Universal Forwarder versions 9.3.x ant\u00e9rieures \u00e0 9.3.4",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Operator for Kubernetes versions ant\u00e9rieures \u00e0 2.8.0",
"product": {
"name": "Splunk Operator for Kubernetes",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarder versions 9.2.x ant\u00e9rieures \u00e0 9.2.6",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk versions 9.3.x ant\u00e9rieures \u00e0 9.3.4",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarder versions 9.4.x ant\u00e9rieures \u00e0 9.4.2",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarder versions 9.1.x ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk versions 9.1.x ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk versions 9.2.x ant\u00e9rieures \u00e0 9.2.6",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk versions 9.4.x ant\u00e9rieures \u00e0 9.4.2",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Smart Agent versions ant\u00e9rieures \u00e0 25.5.1",
"product": {
"name": "Splunk AppDynamics Smart Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0532",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0607",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0607"
},
{
"published_at": "2025-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0610",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0610"
},
{
"published_at": "2025-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0608",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0608"
},
{
"published_at": "2025-06-23",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0609",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0609"
}
]
}
FKIE_CVE-2025-22872
Vulnerability from fkie_nvd - Published: 2025-04-16 18:16 - Updated: 2025-05-16 23:15
Severity ?
Summary
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. <math>, <svg>, etc contexts).
References
| URL | Tags | ||
|---|---|---|---|
| security@golang.org | https://go.dev/cl/662715 | ||
| security@golang.org | https://go.dev/issue/73070 | ||
| security@golang.org | https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA | ||
| security@golang.org | https://pkg.go.dev/vuln/GO-2025-3595 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20250516-0007/ |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts)."
},
{
"lang": "es",
"value": "El tokenizador interpreta incorrectamente las etiquetas con valores de atributo sin comillas que terminan en barra (/) como autocerradas. Al usar el tokenizador directamente, esto puede provocar que dichas etiquetas se marquen incorrectamente como autocerradas, y al usar las funciones de an\u00e1lisis, esto puede provocar que el contenido posterior a dichas etiquetas se coloque en el \u00e1mbito incorrecto durante la construcci\u00f3n del DOM, pero solo cuando las etiquetas se encuentran en contenido externo (por ejemplo, contextos , , etc.)."
}
],
"id": "CVE-2025-22872",
"lastModified": "2025-05-16T23:15:19.707",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.7,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-04-16T18:16:04.183",
"references": [
{
"source": "security@golang.org",
"url": "https://go.dev/cl/662715"
},
{
"source": "security@golang.org",
"url": "https://go.dev/issue/73070"
},
{
"source": "security@golang.org",
"url": "https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA"
},
{
"source": "security@golang.org",
"url": "https://pkg.go.dev/vuln/GO-2025-3595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20250516-0007/"
}
],
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Awaiting Analysis"
}
GHSA-VVGC-356P-C3XW
Vulnerability from github – Published: 2025-04-16 19:22 – Updated: 2025-05-17 18:49
VLAI?
Summary
golang.org/x/net vulnerable to Cross-site Scripting
Details
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. , , etc contexts).
Severity ?
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "golang.org/x/net"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.38.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-22872"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-16T19:22:51Z",
"nvd_published_at": "2025-04-16T18:16:04Z",
"severity": "MODERATE"
},
"details": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"id": "GHSA-vvgc-356p-c3xw",
"modified": "2025-05-17T18:49:25Z",
"published": "2025-04-16T19:22:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22872"
},
{
"type": "WEB",
"url": "https://go.dev/cl/662715"
},
{
"type": "WEB",
"url": "https://go.dev/issue/73070"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-3595"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250516-0007"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "golang.org/x/net vulnerable to Cross-site Scripting"
}
MSRC_CVE-2025-22872
Vulnerability from csaf_microsoft - Published: 2025-04-02 00:00 - Updated: 2025-07-10 00:00Summary
Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-22872 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-22872.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net",
"tracking": {
"current_release_date": "2025-07-10T00:00:00.000Z",
"generator": {
"date": "2025-10-20T03:11:13.555Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-22872",
"initial_release_date": "2025-04-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-04-29T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-05-05T00:00:00.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2025-05-27T00:00:00.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2025-06-06T00:00:00.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Added packer to CBL-Mariner 2.0\nAdded cni-plugins to CBL-Mariner 2.0\nAdded kubevirt to CBL-Mariner 2.0\nAdded sriov-network-device-plugin to CBL-Mariner 2.0\nAdded cni-plugins to Azure Linux 3.0\nAdded helm to Azure Linux 3.0\nAdded ig to Azure Linux 3.0\nAdded influxdb to Azure Linux 3.0\nAdded kubernetes to Azure Linux 3.0\nAdded kubevirt to Azure Linux 3.0\nAdded multus to Azure Linux 3.0\nAdded telegraf to Azure Linux 3.0\nAdded cf-cli to Azure Linux 3.0\nAdded containerized-data-importer to Azure Linux 3.0\nAdded docker-compose to Azure Linux 3.0\nAdded gh to Azure Linux 3.0\nAdded kube-vip-cloud-provider to Azure Linux 3.0\nAdded packer to Azure Linux 3.0\nAdded prometheus-adapter to Azure Linux 3.0\nAdded sriov-network-device-plugin to Azure Linux 3.0\nAdded keda to Azure Linux 3.0"
},
{
"date": "2025-07-10T00:00:00.000Z",
"legacy_version": "5",
"number": "5",
"summary": "Added cert-manager to CBL-Mariner 2.0\nAdded helm to CBL-Mariner 2.0\nAdded kubernetes to CBL-Mariner 2.0\nAdded multus to CBL-Mariner 2.0\nAdded telegraf to CBL-Mariner 2.0\nAdded vitess to CBL-Mariner 2.0\nAdded packer to CBL-Mariner 2.0\nAdded cni-plugins to CBL-Mariner 2.0\nAdded kubevirt to CBL-Mariner 2.0\nAdded sriov-network-device-plugin to CBL-Mariner 2.0\nAdded cert-manager to Azure Linux 3.0\nAdded containerd2 to Azure Linux 3.0\nAdded dasel to Azure Linux 3.0\nAdded docker-buildx to Azure Linux 3.0\nAdded cni-plugins to Azure Linux 3.0\nAdded helm to Azure Linux 3.0\nAdded ig to Azure Linux 3.0\nAdded influxdb to Azure Linux 3.0\nAdded kubernetes to Azure Linux 3.0\nAdded kubevirt to Azure Linux 3.0\nAdded multus to Azure Linux 3.0\nAdded telegraf to Azure Linux 3.0\nAdded cf-cli to Azure Linux 3.0\nAdded containerized-data-importer to Azure Linux 3.0\nAdded docker-compose to Azure Linux 3.0\nAdded gh to Azure Linux 3.0\nAdded kube-vip-cloud-provider to Azure Linux 3.0\nAdded packer to Azure Linux 3.0\nAdded prometheus-adapter to Azure Linux 3.0\nAdded sriov-network-device-plugin to Azure Linux 3.0\nAdded keda to Azure Linux 3.0"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 cri-tools 1.32.0-2",
"product": {
"name": "\u003cazl3 cri-tools 1.32.0-2",
"product_id": "8"
}
},
{
"category": "product_version",
"name": "azl3 cri-tools 1.32.0-2",
"product": {
"name": "azl3 cri-tools 1.32.0-2",
"product_id": "20303"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 cri-tools 1.29.0-8",
"product": {
"name": "\u003ccbl2 cri-tools 1.29.0-8",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 cri-tools 1.29.0-8",
"product": {
"name": "cbl2 cri-tools 1.29.0-8",
"product_id": "20382"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 cri-tools 1.29.0-6",
"product": {
"name": "\u003ccbl2 cri-tools 1.29.0-6",
"product_id": "18"
}
},
{
"category": "product_version",
"name": "cbl2 cri-tools 1.29.0-6",
"product": {
"name": "cbl2 cri-tools 1.29.0-6",
"product_id": "19754"
}
}
],
"category": "product_name",
"name": "cri-tools"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 docker-buildx 0.14.0-6",
"product": {
"name": "\u003cazl3 docker-buildx 0.14.0-6",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "azl3 docker-buildx 0.14.0-6",
"product": {
"name": "azl3 docker-buildx 0.14.0-6",
"product_id": "20305"
}
}
],
"category": "product_name",
"name": "docker-buildx"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 cert-manager 1.11.2-23",
"product": {
"name": "\u003ccbl2 cert-manager 1.11.2-23",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "cbl2 cert-manager 1.11.2-23",
"product": {
"name": "cbl2 cert-manager 1.11.2-23",
"product_id": "20252"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 cert-manager 1.12.15-4",
"product": {
"name": "\u003cazl3 cert-manager 1.12.15-4",
"product_id": "22"
}
},
{
"category": "product_version",
"name": "azl3 cert-manager 1.12.15-4",
"product": {
"name": "azl3 cert-manager 1.12.15-4",
"product_id": "19594"
}
}
],
"category": "product_name",
"name": "cert-manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 containerd2 2.0.0-12",
"product": {
"name": "\u003cazl3 containerd2 2.0.0-12",
"product_id": "21"
}
},
{
"category": "product_version",
"name": "azl3 containerd2 2.0.0-12",
"product": {
"name": "azl3 containerd2 2.0.0-12",
"product_id": "19609"
}
}
],
"category": "product_name",
"name": "containerd2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 cni-plugins 1.3.0-8",
"product": {
"name": "\u003ccbl2 cni-plugins 1.3.0-8",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "cbl2 cni-plugins 1.3.0-8",
"product": {
"name": "cbl2 cni-plugins 1.3.0-8",
"product_id": "19969"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 cni-plugins 1.4.0-3",
"product": {
"name": "\u003cazl3 cni-plugins 1.4.0-3",
"product_id": "24"
}
},
{
"category": "product_version",
"name": "azl3 cni-plugins 1.4.0-3",
"product": {
"name": "azl3 cni-plugins 1.4.0-3",
"product_id": "19348"
}
}
],
"category": "product_name",
"name": "cni-plugins"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 helm 3.14.2-6",
"product": {
"name": "\u003ccbl2 helm 3.14.2-6",
"product_id": "13"
}
},
{
"category": "product_version",
"name": "cbl2 helm 3.14.2-6",
"product": {
"name": "cbl2 helm 3.14.2-6",
"product_id": "19963"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 helm 3.15.2-3",
"product": {
"name": "\u003cazl3 helm 3.15.2-3",
"product_id": "39"
}
},
{
"category": "product_version",
"name": "azl3 helm 3.15.2-3",
"product": {
"name": "azl3 helm 3.15.2-3",
"product_id": "19333"
}
}
],
"category": "product_name",
"name": "helm"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 multus 4.0.2-8",
"product": {
"name": "\u003ccbl2 multus 4.0.2-8",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "cbl2 multus 4.0.2-8",
"product": {
"name": "cbl2 multus 4.0.2-8",
"product_id": "20312"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 multus 4.0.2-5",
"product": {
"name": "\u003cazl3 multus 4.0.2-5",
"product_id": "27"
}
},
{
"category": "product_version",
"name": "azl3 multus 4.0.2-5",
"product": {
"name": "azl3 multus 4.0.2-5",
"product_id": "19345"
}
}
],
"category": "product_name",
"name": "multus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 telegraf 1.29.4-16",
"product": {
"name": "\u003ccbl2 telegraf 1.29.4-16",
"product_id": "15"
}
},
{
"category": "product_version",
"name": "cbl2 telegraf 1.29.4-16",
"product": {
"name": "cbl2 telegraf 1.29.4-16",
"product_id": "19939"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 telegraf 1.31.0-10",
"product": {
"name": "\u003cazl3 telegraf 1.31.0-10",
"product_id": "29"
}
},
{
"category": "product_version",
"name": "azl3 telegraf 1.31.0-10",
"product": {
"name": "azl3 telegraf 1.31.0-10",
"product_id": "19343"
}
}
],
"category": "product_name",
"name": "telegraf"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 sriov-network-device-plugin 3.6.2-9",
"product": {
"name": "\u003ccbl2 sriov-network-device-plugin 3.6.2-9",
"product_id": "20"
}
},
{
"category": "product_version",
"name": "cbl2 sriov-network-device-plugin 3.6.2-9",
"product": {
"name": "cbl2 sriov-network-device-plugin 3.6.2-9",
"product_id": "19680"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 sriov-network-device-plugin 3.7.0-4",
"product": {
"name": "\u003cazl3 sriov-network-device-plugin 3.7.0-4",
"product_id": "31"
}
},
{
"category": "product_version",
"name": "azl3 sriov-network-device-plugin 3.7.0-4",
"product": {
"name": "azl3 sriov-network-device-plugin 3.7.0-4",
"product_id": "19341"
}
}
],
"category": "product_name",
"name": "sriov-network-device-plugin"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 nvidia-container-toolkit 1.17.8-2",
"product": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.8-2",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 nvidia-container-toolkit 1.17.8-2",
"product": {
"name": "azl3 nvidia-container-toolkit 1.17.8-2",
"product_id": "20433"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.8-1",
"product": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.8-1",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "cbl2 nvidia-container-toolkit 1.17.8-1",
"product": {
"name": "cbl2 nvidia-container-toolkit 1.17.8-1",
"product_id": "20319"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 nvidia-container-toolkit 1.17.8-1",
"product": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.8-1",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "azl3 nvidia-container-toolkit 1.17.8-1",
"product": {
"name": "azl3 nvidia-container-toolkit 1.17.8-1",
"product_id": "20321"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.8-3",
"product": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.8-3",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 nvidia-container-toolkit 1.17.8-3",
"product": {
"name": "cbl2 nvidia-container-toolkit 1.17.8-3",
"product_id": "20383"
}
}
],
"category": "product_name",
"name": "nvidia-container-toolkit"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 kube-vip-cloud-provider 0.0.10-4",
"product": {
"name": "\u003cazl3 kube-vip-cloud-provider 0.0.10-4",
"product_id": "40"
}
},
{
"category": "product_version",
"name": "azl3 kube-vip-cloud-provider 0.0.10-4",
"product": {
"name": "azl3 kube-vip-cloud-provider 0.0.10-4",
"product_id": "19332"
}
}
],
"category": "product_name",
"name": "kube-vip-cloud-provider"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 docker-compose 2.27.0-5",
"product": {
"name": "\u003cazl3 docker-compose 2.27.0-5",
"product_id": "38"
}
},
{
"category": "product_version",
"name": "azl3 docker-compose 2.27.0-5",
"product": {
"name": "azl3 docker-compose 2.27.0-5",
"product_id": "19334"
}
}
],
"category": "product_name",
"name": "docker-compose"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 packer 1.9.5-9",
"product": {
"name": "\u003cazl3 packer 1.9.5-9",
"product_id": "37"
}
},
{
"category": "product_version",
"name": "azl3 packer 1.9.5-9",
"product": {
"name": "azl3 packer 1.9.5-9",
"product_id": "19335"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 packer 1.9.5-13",
"product": {
"name": "\u003ccbl2 packer 1.9.5-13",
"product_id": "14"
}
},
{
"category": "product_version",
"name": "cbl2 packer 1.9.5-13",
"product": {
"name": "cbl2 packer 1.9.5-13",
"product_id": "19945"
}
}
],
"category": "product_name",
"name": "packer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 prometheus-adapter 0.12.0-3",
"product": {
"name": "\u003cazl3 prometheus-adapter 0.12.0-3",
"product_id": "36"
}
},
{
"category": "product_version",
"name": "azl3 prometheus-adapter 0.12.0-3",
"product": {
"name": "azl3 prometheus-adapter 0.12.0-3",
"product_id": "19336"
}
}
],
"category": "product_name",
"name": "prometheus-adapter"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 cf-cli 8.7.11-3",
"product": {
"name": "\u003cazl3 cf-cli 8.7.11-3",
"product_id": "35"
}
},
{
"category": "product_version",
"name": "azl3 cf-cli 8.7.11-3",
"product": {
"name": "azl3 cf-cli 8.7.11-3",
"product_id": "19337"
}
}
],
"category": "product_name",
"name": "cf-cli"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 gh 2.62.0-8",
"product": {
"name": "\u003cazl3 gh 2.62.0-8",
"product_id": "34"
}
},
{
"category": "product_version",
"name": "azl3 gh 2.62.0-8",
"product": {
"name": "azl3 gh 2.62.0-8",
"product_id": "19338"
}
}
],
"category": "product_name",
"name": "gh"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 kubevirt 1.2.0-17",
"product": {
"name": "\u003cazl3 kubevirt 1.2.0-17",
"product_id": "33"
}
},
{
"category": "product_version",
"name": "azl3 kubevirt 1.2.0-17",
"product": {
"name": "azl3 kubevirt 1.2.0-17",
"product_id": "19339"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kubevirt 0.59.0-28",
"product": {
"name": "\u003ccbl2 kubevirt 0.59.0-28",
"product_id": "16"
}
},
{
"category": "product_version",
"name": "cbl2 kubevirt 0.59.0-28",
"product": {
"name": "cbl2 kubevirt 0.59.0-28",
"product_id": "19782"
}
}
],
"category": "product_name",
"name": "kubevirt"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 kubernetes 1.30.10-7",
"product": {
"name": "\u003cazl3 kubernetes 1.30.10-7",
"product_id": "32"
}
},
{
"category": "product_version",
"name": "azl3 kubernetes 1.30.10-7",
"product": {
"name": "azl3 kubernetes 1.30.10-7",
"product_id": "19340"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kubernetes 1.28.4-18",
"product": {
"name": "\u003ccbl2 kubernetes 1.28.4-18",
"product_id": "17"
}
},
{
"category": "product_version",
"name": "cbl2 kubernetes 1.28.4-18",
"product": {
"name": "cbl2 kubernetes 1.28.4-18",
"product_id": "19761"
}
}
],
"category": "product_name",
"name": "kubernetes"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 ig 0.37.0-4",
"product": {
"name": "\u003cazl3 ig 0.37.0-4",
"product_id": "30"
}
},
{
"category": "product_version",
"name": "azl3 ig 0.37.0-4",
"product": {
"name": "azl3 ig 0.37.0-4",
"product_id": "19342"
}
}
],
"category": "product_name",
"name": "ig"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 influxdb 2.7.5-5",
"product": {
"name": "\u003cazl3 influxdb 2.7.5-5",
"product_id": "28"
}
},
{
"category": "product_version",
"name": "azl3 influxdb 2.7.5-5",
"product": {
"name": "azl3 influxdb 2.7.5-5",
"product_id": "19344"
}
}
],
"category": "product_name",
"name": "influxdb"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 containerized-data-importer 1.57.0-14",
"product": {
"name": "\u003cazl3 containerized-data-importer 1.57.0-14",
"product_id": "26"
}
},
{
"category": "product_version",
"name": "azl3 containerized-data-importer 1.57.0-14",
"product": {
"name": "azl3 containerized-data-importer 1.57.0-14",
"product_id": "19346"
}
}
],
"category": "product_name",
"name": "containerized-data-importer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 keda 2.14.1-7",
"product": {
"name": "\u003cazl3 keda 2.14.1-7",
"product_id": "25"
}
},
{
"category": "product_version",
"name": "azl3 keda 2.14.1-7",
"product": {
"name": "azl3 keda 2.14.1-7",
"product_id": "19347"
}
}
],
"category": "product_name",
"name": "keda"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 vitess 17.0.7-8",
"product": {
"name": "\u003ccbl2 vitess 17.0.7-8",
"product_id": "19"
}
},
{
"category": "product_version",
"name": "cbl2 vitess 17.0.7-8",
"product": {
"name": "cbl2 vitess 17.0.7-8",
"product_id": "19698"
}
}
],
"category": "product_name",
"name": "vitess"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 dasel 2.8.1-2",
"product": {
"name": "\u003cazl3 dasel 2.8.1-2",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "azl3 dasel 2.8.1-2",
"product": {
"name": "azl3 dasel 2.8.1-2",
"product_id": "20004"
}
}
],
"category": "product_name",
"name": "dasel"
},
{
"category": "product_name",
"name": "azl3 node-problem-detector 0.8.20-2",
"product": {
"name": "azl3 node-problem-detector 0.8.20-2",
"product_id": "41"
}
},
{
"category": "product_name",
"name": "azl3 libcontainers-common 20240213-3",
"product": {
"name": "azl3 libcontainers-common 20240213-3",
"product_id": "42"
}
},
{
"category": "product_name",
"name": "azl3 application-gateway-kubernetes-ingress 1.7.7-2",
"product": {
"name": "azl3 application-gateway-kubernetes-ingress 1.7.7-2",
"product_id": "23"
}
},
{
"category": "product_name",
"name": "azl3 cloud-provider-kubevirt 0.5.1-1",
"product": {
"name": "azl3 cloud-provider-kubevirt 0.5.1-1",
"product_id": "11"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 cri-tools 1.32.0-2 as a component of Azure Linux 3.0",
"product_id": "17084-8"
},
"product_reference": "8",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cri-tools 1.32.0-2 as a component of Azure Linux 3.0",
"product_id": "20303-17084"
},
"product_reference": "20303",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 docker-buildx 0.14.0-6 as a component of Azure Linux 3.0",
"product_id": "17084-7"
},
"product_reference": "7",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 docker-buildx 0.14.0-6 as a component of Azure Linux 3.0",
"product_id": "20305-17084"
},
"product_reference": "20305",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 cert-manager 1.11.2-23 as a component of CBL Mariner 2.0",
"product_id": "17086-9"
},
"product_reference": "9",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cert-manager 1.11.2-23 as a component of CBL Mariner 2.0",
"product_id": "20252-17086"
},
"product_reference": "20252",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 containerd2 2.0.0-12 as a component of Azure Linux 3.0",
"product_id": "17084-21"
},
"product_reference": "21",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 containerd2 2.0.0-12 as a component of Azure Linux 3.0",
"product_id": "19609-17084"
},
"product_reference": "19609",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 cni-plugins 1.3.0-8 as a component of CBL Mariner 2.0",
"product_id": "17086-12"
},
"product_reference": "12",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cni-plugins 1.3.0-8 as a component of CBL Mariner 2.0",
"product_id": "19969-17086"
},
"product_reference": "19969",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 node-problem-detector 0.8.20-2 as a component of Azure Linux 3.0",
"product_id": "17084-41"
},
"product_reference": "41",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 cert-manager 1.12.15-4 as a component of Azure Linux 3.0",
"product_id": "17084-22"
},
"product_reference": "22",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cert-manager 1.12.15-4 as a component of Azure Linux 3.0",
"product_id": "19594-17084"
},
"product_reference": "19594",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 helm 3.14.2-6 as a component of CBL Mariner 2.0",
"product_id": "17086-13"
},
"product_reference": "13",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 helm 3.14.2-6 as a component of CBL Mariner 2.0",
"product_id": "19963-17086"
},
"product_reference": "19963",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 multus 4.0.2-8 as a component of CBL Mariner 2.0",
"product_id": "17086-6"
},
"product_reference": "6",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 multus 4.0.2-8 as a component of CBL Mariner 2.0",
"product_id": "20312-17086"
},
"product_reference": "20312",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 telegraf 1.29.4-16 as a component of CBL Mariner 2.0",
"product_id": "17086-15"
},
"product_reference": "15",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 telegraf 1.29.4-16 as a component of CBL Mariner 2.0",
"product_id": "19939-17086"
},
"product_reference": "19939",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 sriov-network-device-plugin 3.6.2-9 as a component of CBL Mariner 2.0",
"product_id": "17086-20"
},
"product_reference": "20",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 sriov-network-device-plugin 3.6.2-9 as a component of CBL Mariner 2.0",
"product_id": "19680-17086"
},
"product_reference": "19680",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 cri-tools 1.29.0-8 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cri-tools 1.29.0-8 as a component of CBL Mariner 2.0",
"product_id": "20382-17086"
},
"product_reference": "20382",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.8-2 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nvidia-container-toolkit 1.17.8-2 as a component of Azure Linux 3.0",
"product_id": "20433-17084"
},
"product_reference": "20433",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 kube-vip-cloud-provider 0.0.10-4 as a component of Azure Linux 3.0",
"product_id": "17084-40"
},
"product_reference": "40",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kube-vip-cloud-provider 0.0.10-4 as a component of Azure Linux 3.0",
"product_id": "19332-17084"
},
"product_reference": "19332",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 helm 3.15.2-3 as a component of Azure Linux 3.0",
"product_id": "17084-39"
},
"product_reference": "39",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 helm 3.15.2-3 as a component of Azure Linux 3.0",
"product_id": "19333-17084"
},
"product_reference": "19333",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 docker-compose 2.27.0-5 as a component of Azure Linux 3.0",
"product_id": "17084-38"
},
"product_reference": "38",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 docker-compose 2.27.0-5 as a component of Azure Linux 3.0",
"product_id": "19334-17084"
},
"product_reference": "19334",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 packer 1.9.5-9 as a component of Azure Linux 3.0",
"product_id": "17084-37"
},
"product_reference": "37",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 packer 1.9.5-9 as a component of Azure Linux 3.0",
"product_id": "19335-17084"
},
"product_reference": "19335",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 prometheus-adapter 0.12.0-3 as a component of Azure Linux 3.0",
"product_id": "17084-36"
},
"product_reference": "36",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 prometheus-adapter 0.12.0-3 as a component of Azure Linux 3.0",
"product_id": "19336-17084"
},
"product_reference": "19336",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 cf-cli 8.7.11-3 as a component of Azure Linux 3.0",
"product_id": "17084-35"
},
"product_reference": "35",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cf-cli 8.7.11-3 as a component of Azure Linux 3.0",
"product_id": "19337-17084"
},
"product_reference": "19337",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 gh 2.62.0-8 as a component of Azure Linux 3.0",
"product_id": "17084-34"
},
"product_reference": "34",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 gh 2.62.0-8 as a component of Azure Linux 3.0",
"product_id": "19338-17084"
},
"product_reference": "19338",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 kubevirt 1.2.0-17 as a component of Azure Linux 3.0",
"product_id": "17084-33"
},
"product_reference": "33",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kubevirt 1.2.0-17 as a component of Azure Linux 3.0",
"product_id": "19339-17084"
},
"product_reference": "19339",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 kubernetes 1.30.10-7 as a component of Azure Linux 3.0",
"product_id": "17084-32"
},
"product_reference": "32",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kubernetes 1.30.10-7 as a component of Azure Linux 3.0",
"product_id": "19340-17084"
},
"product_reference": "19340",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 sriov-network-device-plugin 3.7.0-4 as a component of Azure Linux 3.0",
"product_id": "17084-31"
},
"product_reference": "31",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 sriov-network-device-plugin 3.7.0-4 as a component of Azure Linux 3.0",
"product_id": "19341-17084"
},
"product_reference": "19341",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 ig 0.37.0-4 as a component of Azure Linux 3.0",
"product_id": "17084-30"
},
"product_reference": "30",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ig 0.37.0-4 as a component of Azure Linux 3.0",
"product_id": "19342-17084"
},
"product_reference": "19342",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 telegraf 1.31.0-10 as a component of Azure Linux 3.0",
"product_id": "17084-29"
},
"product_reference": "29",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 telegraf 1.31.0-10 as a component of Azure Linux 3.0",
"product_id": "19343-17084"
},
"product_reference": "19343",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 influxdb 2.7.5-5 as a component of Azure Linux 3.0",
"product_id": "17084-28"
},
"product_reference": "28",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 influxdb 2.7.5-5 as a component of Azure Linux 3.0",
"product_id": "19344-17084"
},
"product_reference": "19344",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 multus 4.0.2-5 as a component of Azure Linux 3.0",
"product_id": "17084-27"
},
"product_reference": "27",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 multus 4.0.2-5 as a component of Azure Linux 3.0",
"product_id": "19345-17084"
},
"product_reference": "19345",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 containerized-data-importer 1.57.0-14 as a component of Azure Linux 3.0",
"product_id": "17084-26"
},
"product_reference": "26",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 containerized-data-importer 1.57.0-14 as a component of Azure Linux 3.0",
"product_id": "19346-17084"
},
"product_reference": "19346",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 keda 2.14.1-7 as a component of Azure Linux 3.0",
"product_id": "17084-25"
},
"product_reference": "25",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 keda 2.14.1-7 as a component of Azure Linux 3.0",
"product_id": "19347-17084"
},
"product_reference": "19347",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 cni-plugins 1.4.0-3 as a component of Azure Linux 3.0",
"product_id": "17084-24"
},
"product_reference": "24",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cni-plugins 1.4.0-3 as a component of Azure Linux 3.0",
"product_id": "19348-17084"
},
"product_reference": "19348",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 libcontainers-common 20240213-3 as a component of Azure Linux 3.0",
"product_id": "17084-42"
},
"product_reference": "42",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 application-gateway-kubernetes-ingress 1.7.7-2 as a component of Azure Linux 3.0",
"product_id": "17084-23"
},
"product_reference": "23",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kubernetes 1.28.4-18 as a component of CBL Mariner 2.0",
"product_id": "17086-17"
},
"product_reference": "17",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kubernetes 1.28.4-18 as a component of CBL Mariner 2.0",
"product_id": "19761-17086"
},
"product_reference": "19761",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cloud-provider-kubevirt 0.5.1-1 as a component of Azure Linux 3.0",
"product_id": "17084-11"
},
"product_reference": "11",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kubevirt 0.59.0-28 as a component of CBL Mariner 2.0",
"product_id": "17086-16"
},
"product_reference": "16",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kubevirt 0.59.0-28 as a component of CBL Mariner 2.0",
"product_id": "19782-17086"
},
"product_reference": "19782",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 cri-tools 1.29.0-6 as a component of CBL Mariner 2.0",
"product_id": "17086-18"
},
"product_reference": "18",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cri-tools 1.29.0-6 as a component of CBL Mariner 2.0",
"product_id": "19754-17086"
},
"product_reference": "19754",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 vitess 17.0.7-8 as a component of CBL Mariner 2.0",
"product_id": "17086-19"
},
"product_reference": "19",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 vitess 17.0.7-8 as a component of CBL Mariner 2.0",
"product_id": "19698-17086"
},
"product_reference": "19698",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 packer 1.9.5-13 as a component of CBL Mariner 2.0",
"product_id": "17086-14"
},
"product_reference": "14",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 packer 1.9.5-13 as a component of CBL Mariner 2.0",
"product_id": "19945-17086"
},
"product_reference": "19945",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 dasel 2.8.1-2 as a component of Azure Linux 3.0",
"product_id": "17084-10"
},
"product_reference": "10",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 dasel 2.8.1-2 as a component of Azure Linux 3.0",
"product_id": "20004-17084"
},
"product_reference": "20004",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.8-1 as a component of CBL Mariner 2.0",
"product_id": "17086-5"
},
"product_reference": "5",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nvidia-container-toolkit 1.17.8-1 as a component of CBL Mariner 2.0",
"product_id": "20319-17086"
},
"product_reference": "20319",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.8-1 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nvidia-container-toolkit 1.17.8-1 as a component of Azure Linux 3.0",
"product_id": "20321-17084"
},
"product_reference": "20321",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.8-3 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nvidia-container-toolkit 1.17.8-3 as a component of CBL Mariner 2.0",
"product_id": "20383-17086"
},
"product_reference": "20383",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-41",
"17084-42",
"17084-23",
"17084-11"
]
}
],
"notes": [
{
"category": "general",
"text": "Go",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20303-17084",
"20305-17084",
"20252-17086",
"19609-17084",
"19969-17086",
"19594-17084",
"19963-17086",
"20312-17086",
"19939-17086",
"19680-17086",
"20382-17086",
"20433-17084",
"19332-17084",
"19333-17084",
"19334-17084",
"19335-17084",
"19336-17084",
"19337-17084",
"19338-17084",
"19339-17084",
"19340-17084",
"19341-17084",
"19342-17084",
"19343-17084",
"19344-17084",
"19345-17084",
"19346-17084",
"19347-17084",
"19348-17084",
"19761-17086",
"19782-17086",
"19754-17086",
"19698-17086",
"19945-17086",
"20004-17084",
"20319-17086",
"20321-17084",
"20383-17086"
],
"known_affected": [
"17084-8",
"17084-7",
"17086-9",
"17084-21",
"17086-12",
"17084-22",
"17086-13",
"17086-6",
"17086-15",
"17086-20",
"17086-3",
"17084-1",
"17084-40",
"17084-39",
"17084-38",
"17084-37",
"17084-36",
"17084-35",
"17084-34",
"17084-33",
"17084-32",
"17084-31",
"17084-30",
"17084-29",
"17084-28",
"17084-27",
"17084-26",
"17084-25",
"17084-24",
"17086-17",
"17086-16",
"17086-18",
"17086-19",
"17086-14",
"17084-10",
"17086-5",
"17084-4",
"17086-2"
],
"known_not_affected": [
"17084-41",
"17084-42",
"17084-23",
"17084-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-22872 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-22872.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.32.0-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-8"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "0.14.0-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-7"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.11.2-23:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-9"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "2.0.0-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-21"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.3.0-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-12"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.12.15-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-22"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "3.14.2-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-13"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "4.0.2-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-6"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.29.4-16:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-15"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "3.6.2-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-20"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.29.0-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.17.8-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1",
"17086-5",
"17084-4"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "0.0.10-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-40"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "3.15.2-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-39"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "2.27.0-5:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-38"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.9.5-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-37"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "0.12.0-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-36"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "8.7.11-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-35"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "2.62.0-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-34"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.2.0-17:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-33"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.30.10-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-32"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "3.7.0-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-31"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "0.37.0-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-30"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.31.0-10:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-29"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "2.7.5-5:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-28"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "4.0.2-5:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-27"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.57.0-14:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-26"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "2.14.1-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-25"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.4.0-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-24"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.28.4-18:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-17"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "0.59.0-28:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-16"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.29.0-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-18"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "17.0.7-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-19"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.9.5-13:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-14"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "2.8.1-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-10"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-04-29T00:00:00.000Z",
"details": "1.17.8-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"17084-8",
"17084-7",
"17086-9",
"17084-21",
"17086-12",
"17084-22",
"17086-13",
"17086-6",
"17086-15",
"17086-20",
"17086-3",
"17084-1",
"17084-40",
"17084-39",
"17084-38",
"17084-37",
"17084-36",
"17084-35",
"17084-34",
"17084-33",
"17084-32",
"17084-31",
"17084-30",
"17084-29",
"17084-28",
"17084-27",
"17084-26",
"17084-25",
"17084-24",
"17086-17",
"17086-16",
"17086-18",
"17086-19",
"17086-14",
"17084-10",
"17086-5",
"17084-4",
"17086-2"
]
}
],
"title": "Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…