cvelistv5 - cve-2025-27509

CVE-2025-27509 (GCVE-0-2025-27509)

Vulnerability from cvelistv5 – Published: 2025-03-06 19:00 – Updated: 2025-03-06 19:29

Summary

fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time (JIT) provisioning is enabled, or create new accounts tied to forged assertions if f MDM enrollment is enabled. This vulnerability is fixed in 4.64.2, 4.63.2, 4.62.4, and 4.58.1.

Severity ?

9.3 (Critical)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

CWE

CWE-285 - Improper Authorization

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	fleetdm	fleet	Affected: >= 4.64.0, < 4.64.2 Affected: >= 4.63.0, < 4.63.2 Affected: >= 4.62.0, < 4.62.4 Affected: < 4.58.1

GHSA-52JX-G6M5-H735

Vulnerability from github – Published: 2025-03-06 19:12 – Updated: 2025-03-14 20:32

Summary

Fleet has SAML authentication vulnerability due to improper SAML response validation

Details

Impact

In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to:

Forge authentication assertions, potentially impersonating legitimate users.
If Just-In-Time (JIT) provisioning is enabled, the attacker could provision a new administrative user account.
If MDM enrollment is enabled, certain endpoints could be used to create new accounts tied to forged assertions.

This could allow unauthorized access to Fleet, including administrative access, visibility into device data, and modification of configuration.

Patches

This issue is addressed in commit fc96cc4 and is available in Fleet version 4.64.2.

The following backport versions also address this issue:

4.63.2
4.62.4
4.58.1
4.53.2

Workarounds

If an immediate upgrade is not possible, Fleet users should temporarily disable single-sign-on (SSO) and use password authentication.

Credit

Thank you @hakivvi, as well as Jeffrey Hofmann and Colby Morgan from the Robinhood Red Team for finding and reporting this vulnerability using our responsible disclosure process.

For more information

If you have any questions or comments about this advisory:

Email us at security@fleetdm.com
Join #fleet in osquery Slack

Severity ?

9.3 (Critical)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/fleetdm/fleet/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.64.0"
            },
            {
              "fixed": "4.64.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/fleetdm/fleet/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.63.0"
            },
            {
              "fixed": "4.63.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/fleetdm/fleet/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.62.0"
            },
            {
              "fixed": "4.62.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/fleetdm/fleet/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.54.0"
            },
            {
              "fixed": "4.58.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/fleetdm/fleet/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.53.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-27509"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-285",
      "CWE-74"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-06T19:12:27Z",
    "nvd_published_at": "2025-03-06T19:15:27Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\n\nIn vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to:\n\n- Forge authentication assertions, potentially impersonating legitimate users.\n- If Just-In-Time (JIT) provisioning is enabled, the attacker could provision a new administrative user account.\n- If MDM enrollment is enabled, certain endpoints could be used to create new accounts tied to forged assertions.\n\nThis could allow unauthorized access to Fleet, including administrative access, visibility into device data, and modification of configuration. \n\n### Patches\n\nThis issue is addressed in commit [fc96cc4](https://github.com/fleetdm/fleet/commit/fc96cc4e91047250afb12f65ad70e90b30a7fb1c) and is available in Fleet version 4.64.2.\n\nThe following backport versions also address this issue: \n\n- 4.63.2\n- 4.62.4\n- 4.58.1\n- 4.53.2\n\n### Workarounds\n\nIf an immediate upgrade is not possible, Fleet users should temporarily disable [single-sign-on (SSO)](https://fleetdm.com/docs/deploy/single-sign-on-sso) and use password authentication.\n\n### Credit\n\nThank you @hakivvi, as well as Jeffrey Hofmann and Colby Morgan from the Robinhood Red Team for finding and reporting this vulnerability using our [responsible disclosure process](https://github.com/fleetdm/fleet/blob/main/SECURITY.md).\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n- Email us at security@fleetdm.com\n- Join #fleet in [osquery Slack](https://join.slack.com/t/osquery/shared_invite/zt-h29zm0gk-s2DBtGUTW4CFel0f0IjTEw)",
  "id": "GHSA-52jx-g6m5-h735",
  "modified": "2025-03-14T20:32:17Z",
  "published": "2025-03-06T19:12:27Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/fleetdm/fleet/security/advisories/GHSA-52jx-g6m5-h735"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27509"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fleetdm/fleet/commit/718c95e47ad010ad6b8ceb3f3460e921fbfc53bb"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/fleetdm/fleet"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fleetdm/fleet/releases/tag/fleet-v4.64.2"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2025-3505"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Fleet has SAML authentication vulnerability due to improper SAML response validation"
}

FKIE_CVE-2025-27509

Vulnerability from fkie_nvd - Published: 2025-03-06 19:15 - Updated: 2025-03-06 19:15

Severity ?

9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/fleetdm/fleet/commit/718c95e47ad010ad6b8ceb3f3460e921fbfc53bb
	security-advisories@github.com	https://github.com/fleetdm/fleet/security/advisories/GHSA-52jx-g6m5-h735

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time (JIT) provisioning is enabled, or create new accounts tied to forged assertions if f MDM enrollment is enabled. This vulnerability is fixed in 4.64.2, 4.63.2, 4.62.4, and 4.58.1."
    },
    {
      "lang": "es",
      "value": "fleedm/fleet es un sistema de gesti\u00f3n de dispositivos de c\u00f3digo abierto, basado en osquery. En versiones vulnerables de Fleet, un atacante podr\u00eda crear una respuesta SAML especialmente manipulada para falsificar las afirmaciones de autenticaci\u00f3n, proporcionar una nueva cuenta de usuario administrativo si el aprovisionamiento Just-In-Time (JIT) est\u00e1 habilitado o crear nuevas cuentas vinculadas a afirmaciones falsificadas si la inscripci\u00f3n a MDM est\u00e1 habilitada. Esta vulnerabilidad se ha corregido en 4.64.2, 4.63.2, 4.62.4 y 4.58.1."
    }
  ],
  "id": "CVE-2025-27509",
  "lastModified": "2025-03-06T19:15:27.973",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 9.3,
          "baseSeverity": "CRITICAL",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-03-06T19:15:27.973",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/fleetdm/fleet/commit/718c95e47ad010ad6b8ceb3f3460e921fbfc53bb"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/fleetdm/fleet/security/advisories/GHSA-52jx-g6m5-h735"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-285"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

WID-SEC-W-2025-0522

Vulnerability from csaf_certbund - Published: 2025-03-10 23:00 - Updated: 2025-03-10 23:00

Summary

Fleet: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Fleet ist eine Open-Source-Plattform zur Geräteverwaltung, die es Unternehmen ermöglicht, ihre Infrastruktur zu überwachen und zu sichern.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Fleet ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Linux - UNIX

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Fleet ist eine Open-Source-Plattform zur Ger\u00e4teverwaltung, die es Unternehmen erm\u00f6glicht, ihre Infrastruktur zu \u00fcberwachen und zu sichern.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Fleet ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0522 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0522.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0522 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0522"
      },
      {
        "category": "external",
        "summary": "Fleet GitHub vom 2025-03-10",
        "url": "https://github.com/fleetdm/fleet/security/advisories/GHSA-52jx-g6m5-h735"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-03-10",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27509"
      }
    ],
    "source_lang": "en-US",
    "title": "Fleet: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen",
    "tracking": {
      "current_release_date": "2025-03-10T23:00:00.000+00:00",
      "generator": {
        "date": "2025-03-11T12:45:19.144+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0522",
      "initial_release_date": "2025-03-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-03-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.64.2",
                "product": {
                  "name": "Open Source Fleet \u003c4.64.2",
                  "product_id": "T041725"
                }
              },
              {
                "category": "product_version",
                "name": "4.64.2",
                "product": {
                  "name": "Open Source Fleet 4.64.2",
                  "product_id": "T041725-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:fleetdm:fleet:4.64.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "fleet"
          }
        ],
        "category": "vendor",
        "name": "fleetdm"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-27509",
      "product_status": {
        "known_affected": [
          "T041725"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-27509"
    }
  ]
}

OPENSUSE-SU-2025:14889-1

Vulnerability from csaf_opensuse - Published: 2025-03-13 00:00 - Updated: 2025-03-13 00:00

Summary

govulncheck-vulndb-0.0.20250312T181707-1.1 on GA media

Notes

Title of the patch

govulncheck-vulndb-0.0.20250312T181707-1.1 on GA media

Description of the patch

These are all security issues fixed in the govulncheck-vulndb-0.0.20250312T181707-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-14889

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "govulncheck-vulndb-0.0.20250312T181707-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250312T181707-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-14889",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14889-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57603 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57603/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57604 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57604/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-0426 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-0426/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-1243 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-1243/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-1293 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-1293/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-1412 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-1412/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-20051 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-20051/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22870 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22870/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22952 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22952/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-23387 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-23387/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-23388 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-23388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-23389 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-23389/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24016 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24016/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24526 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24526/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24806 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24806/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24976 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24976/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-25196 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-25196/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-25199 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-25199/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-25204 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-25204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-25279 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-25279/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-25294 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-25294/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27088 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27088/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27090 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27090/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27100 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27100/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27112 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27112/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27144 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27144/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27155 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27155/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27414 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27414/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27421 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27421/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27507 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27507/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27509 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27509/"
      }
    ],
    "title": "govulncheck-vulndb-0.0.20250312T181707-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-03-13T00:00:00Z",
      "generator": {
        "date": "2025-03-13T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:14889-1",
      "initial_release_date": "2025-03-13T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-03-13T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
                  "product_id": "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
                  "product_id": "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
                  "product_id": "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64",
                  "product_id": "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-57603",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57603"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57603",
          "url": "https://www.suse.com/security/cve/CVE-2024-57603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57603"
    },
    {
      "cve": "CVE-2024-57604",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57604"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57604",
          "url": "https://www.suse.com/security/cve/CVE-2024-57604"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-57604"
    },
    {
      "cve": "CVE-2025-0426",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-0426"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node\u0027s disk.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-0426",
          "url": "https://www.suse.com/security/cve/CVE-2025-0426"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237189 for CVE-2025-0426",
          "url": "https://bugzilla.suse.com/1237189"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-0426"
    },
    {
      "cve": "CVE-2025-1243",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-1243"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Temporal api-go library prior to version 1.44.1 did not send `update response` information to Data Converter when the proxy package within the api-go module was used in a gRPC proxy prior to transmission. This resulted in  information contained within the `update response` field not having Data Converter transformations (e.g. encryption) applied. This is an issue only when using the UpdateWorkflowExecution APIs (released on 13th January 2025)  with a proxy leveraging the api-go library before version 1.44.1.\n\nOther data fields were correctly sent to Data Converter. This issue does not impact the Data Converter server. Data was encrypted in transit. Temporal Cloud services are not impacted.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-1243",
          "url": "https://www.suse.com/security/cve/CVE-2025-1243"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-1243"
    },
    {
      "cve": "CVE-2025-1293",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-1293"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-1293",
          "url": "https://www.suse.com/security/cve/CVE-2025-1293"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-1293"
    },
    {
      "cve": "CVE-2025-1412",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-1412"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 9.11.x \u003c= 9.11.6, 10.4.x \u003c= 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-1412",
          "url": "https://www.suse.com/security/cve/CVE-2025-1412"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-1412"
    },
    {
      "cve": "CVE-2025-20051",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-20051"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.4.x \u003c= 10.4.1, 9.11.x \u003c= 9.11.7, 10.3.x \u003c= 10.3.2, 10.2.x \u003c= 10.2.2 fail to properly validate input when patching and duplicating a board, which allows a user to read any arbitrary file on the system via duplicating a specially crafted block in Boards.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-20051",
          "url": "https://www.suse.com/security/cve/CVE-2025-20051"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-20051"
    },
    {
      "cve": "CVE-2025-22870",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22870"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22870",
          "url": "https://www.suse.com/security/cve/CVE-2025-22870"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238572 for CVE-2025-22870",
          "url": "https://bugzilla.suse.com/1238572"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238611 for CVE-2025-22870",
          "url": "https://bugzilla.suse.com/1238611"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-22870"
    },
    {
      "cve": "CVE-2025-22952",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22952"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22952",
          "url": "https://www.suse.com/security/cve/CVE-2025-22952"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-22952"
    },
    {
      "cve": "CVE-2025-23387",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-23387"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowed unauthenticated users to list all CLI authentication tokens and delete them before the CLI is able to get the token value.This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-23387",
          "url": "https://www.suse.com/security/cve/CVE-2025-23387"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236656 for CVE-2025-23387",
          "url": "https://bugzilla.suse.com/1236656"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-23387"
    },
    {
      "cve": "CVE-2025-23388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-23388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A Stack-based Buffer Overflow vulnerability in SUSE rancher allows for denial of service.This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-23388",
          "url": "https://www.suse.com/security/cve/CVE-2025-23388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236668 for CVE-2025-23388",
          "url": "https://bugzilla.suse.com/1236668"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-23388"
    },
    {
      "cve": "CVE-2025-23389",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-23389"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.\nThis issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-23389",
          "url": "https://www.suse.com/security/cve/CVE-2025-23389"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236780 for CVE-2025-23389",
          "url": "https://bugzilla.suse.com/1236780"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-23389"
    },
    {
      "cve": "CVE-2025-24016",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24016"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24016",
          "url": "https://www.suse.com/security/cve/CVE-2025-24016"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-24016"
    },
    {
      "cve": "CVE-2025-24526",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24526"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.1.x \u003c= 10.1.3, 10.4.x \u003c= 10.4.1, 9.11.x \u003c= 9.11.7, 10.3.x \u003c= 10.3.2, 10.2.x \u003c= 10.2.2 fail to restrict channel export of archived channels when the \"Allow users to view archived channels\" is disabled  which allows a user to export channel contents when they shouldn\u0027t have access to it",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24526",
          "url": "https://www.suse.com/security/cve/CVE-2025-24526"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-24526"
    },
    {
      "cve": "CVE-2025-24806",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24806"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to the regulation limitations being effectively doubled assuming an attacker using brute-force to find a user password. It\u0027s important to note that due to the effective operation of regulation where no user-facing sign of their regulation ban being visible either via timing or via API responses, it\u0027s effectively impossible to determine if a failure occurs due to a bad username password combination, or a effective ban blocking the attempt which heavily mitigates any form of brute-force. This occurs because the records and counting process for this system uses the method utilized for sign in rather than the effective username attribute. This has a minimal impact on account security, this impact is increased naturally in scenarios when there is no two-factor authentication required and weak passwords are used. This makes it a bit easier to brute-force a password. A patch for this issue has been applied to versions 4.38.19, and 4.39.0. Users are advised to upgrade. Users unable to upgrade should 1. Not heavily modify the default settings in a way that ends up with shorter or less frequent regulation bans. The default settings effectively mitigate any potential for this issue to be exploited. and 2. Disable the ability for users to login via an email address.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24806",
          "url": "https://www.suse.com/security/cve/CVE-2025-24806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-24806"
    },
    {
      "cve": "CVE-2025-24976",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24976"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Distribution is a toolkit to pack, ship, store, and deliver container content. Systems running registry versions 3.0.0-beta.1 through 3.0.0-rc.2 with token authentication enabled may be vulnerable to an issue in which token authentication allows an attacker to inject an untrusted signing key in a JSON web token (JWT). The issue lies in how the JSON web key (JWK) verification is performed. When a JWT contains a JWK header without a certificate chain, the code only checks if the KeyID (`kid`) matches one of the trusted keys, but doesn\u0027t verify that the actual key material matches. A fix for the issue is available at commit 5ea9aa028db65ca5665f6af2c20ecf9dc34e5fcd and expected to be a part of version 3.0.0-rc.3. There is no way to work around this issue without patching if the system requires token authentication.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24976",
          "url": "https://www.suse.com/security/cve/CVE-2025-24976"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237074 for CVE-2025-24976",
          "url": "https://bugzilla.suse.com/1237074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-24976"
    },
    {
      "cve": "CVE-2025-25196",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-25196"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA \u003c v1.8.4 (Helm chart \u003c openfga-0.2.22, docker \u003c v.1.8.4) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Users on OpenFGA v1.8.4 or previous, specifically under the following conditions are affected by this authorization bypass vulnerability: 1. Calling Check API or ListObjects with a model that has a relation directly assignable to both public access AND userset with the same type. 2. A type bound public access tuple is assigned to an object. 3. userset tuple is not assigned to the same object. and 4. Check request\u0027s user field is a userset that has the same type as the type bound public access tuple\u0027s user type. Users are advised to upgrade to v1.8.5 which is backwards compatible. There are no known workarounds for this vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-25196",
          "url": "https://www.suse.com/security/cve/CVE-2025-25196"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-25196"
    },
    {
      "cve": "CVE-2025-25199",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-25199"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation (CNG). Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to `cng.TLS1PRF` don\u0027t release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41 contains a fix for the issue. The fix is included in versions 1.23.6-2 and 1.22.12-2 of the Microsoft build of go, as well as in the pseudoversion 0.0.0-20250211154640-f49c8e1379ea of the `github.com/microsoft/go-crypto-winnative` Go package.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-25199",
          "url": "https://www.suse.com/security/cve/CVE-2025-25199"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-25199"
    },
    {
      "cve": "CVE-2025-25204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-25204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "`gh` is GitHub\u0027s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub\u0027s Artifact Attestation cli tool `gh attestation verify` causes it to return a zero exit status when no attestations are present. This behavior is incorrect: When no attestations are present, `gh attestation verify` should return a non-zero exit status code, thereby signaling verification failure. An attacker can abuse this flaw to, for example, deploy malicious artifacts in any system that uses `gh attestation verify`\u0027s exit codes to gatekeep deployments. Users are advised to update `gh` to patched version `v2.67.0` as soon as possible.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-25204",
          "url": "https://www.suse.com/security/cve/CVE-2025-25204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-25204"
    },
    {
      "cve": "CVE-2025-25279",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-25279"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.4.x \u003c= 10.4.1, 9.11.x \u003c= 9.11.7, 10.3.x \u003c= 10.3.2, 10.2.x \u003c= 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-25279",
          "url": "https://www.suse.com/security/cve/CVE-2025-25279"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-25279"
    },
    {
      "cve": "CVE-2025-25294",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-25294"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. In all Envoy Gateway versions prior to 1.2.7 and 1.3.1 a default Envoy Proxy access log configuration is used. This format is vulnerable to log injection attacks. If the attacker uses a specially crafted user-agent which performs json injection, then he could add and overwrite fields to the access log. This vulnerability is fixed in 1.3.1 and 1.2.7. One can overwrite the old text based default format with JSON formatter by modifying the \"EnvoyProxy.spec.telemetry.accessLog\" setting.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-25294",
          "url": "https://www.suse.com/security/cve/CVE-2025-25294"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-25294"
    },
    {
      "cve": "CVE-2025-27088",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27088"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. It\u0027s possible to inject html elements, including scripts through the folder-list template. The affected template allows users to interact with the URL path provided by the `Request.URL.Path` variable, which is then rendered directly into the HTML without proper sanitization or escaping. This can be abused by attackers who craft a malicious URL containing injected HTML or JavaScript. When users visit such a URL, the malicious script will be executed in the user\u0027s context. This issue has been addressed in version 4.18.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27088",
          "url": "https://www.suse.com/security/cve/CVE-2025-27088"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-27088"
    },
    {
      "cve": "CVE-2025-27090",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27090"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so. The only impact that has been shown is the exposure of the server\u0027s IP address to a third party. This issue has been addressed in version 1.5.43 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27090",
          "url": "https://www.suse.com/security/cve/CVE-2025-27090"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-27090"
    },
    {
      "cve": "CVE-2025-27100",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27100"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "lakeFS is an open-source tool that transforms your object storage into a Git-like repository. In affected versions an authenticated user can crash lakeFS by exhausting server memory.  This is an authenticated denial-of-service issue. This problem has been patched in version 1.50.0. Users on versions 1.49.1 and below are affected. Users are advised to upgrade. Users unable to upgrade should either set the environment variable `LAKEFS_BLOCKSTORE_S3_DISABLE_PRE_SIGNED_MULTIPART` to `true` or configure the `disable_pre_signed_multipart` key to true in their config yaml.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27100",
          "url": "https://www.suse.com/security/cve/CVE-2025-27100"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-27100"
    },
    {
      "cve": "CVE-2025-27112",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27112"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system, along with a salted hash of an empty password. Under these conditions, Navidrome treats the request as authenticated, granting access to various Subsonic endpoints without requiring valid credentials. An attacker can use any non-existent username to bypass the authentication system and gain access to various read-only data in Navidrome, such as user playlists. However, any attempt to modify data fails with a \"permission denied\" error due to insufficient permissions, limiting the impact to unauthorized viewing of information. Version 0.54.5 contains a patch for this issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27112",
          "url": "https://www.suse.com/security/cve/CVE-2025-27112"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-27112"
    },
    {
      "cve": "CVE-2025-27144",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27144"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters.  An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27144",
          "url": "https://www.suse.com/security/cve/CVE-2025-27144"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237608 for CVE-2025-27144",
          "url": "https://bugzilla.suse.com/1237608"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237609 for CVE-2025-27144",
          "url": "https://bugzilla.suse.com/1237609"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-27144"
    },
    {
      "cve": "CVE-2025-27155",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27155"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Pinecone is an experimental overlay routing protocol suite which is the foundation of the current P2P Matrix demos. The Pinecone Simulator (pineconesim) included in Pinecone up to commit ea4c337 is vulnerable to stored cross-site scripting. The payload storage is not permanent and will be wiped when restarting pineconesim.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27155",
          "url": "https://www.suse.com/security/cve/CVE-2025-27155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-27155"
    },
    {
      "cve": "CVE-2025-27414",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27414"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to \nRELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP access configured and using LDAP as an external identity provider, MinIO supports SSH key based authentication for SFTP connections when the user has the `sshPublicKey` attribute set in their LDAP server. The server trusts the client\u0027s key only when the public key is the same as the `sshPublicKey` attribute. Due to the bug, when the user has no `sshPublicKey` property in LDAP, the server ends up trusting the key allowing the client to perform any FTP operations allowed by the MinIO access policies associated with the LDAP user (or any of their groups). Three requirements must be met in order to exploit the vulnerability. First, the MinIO server must be configured to allow SFTP access and use LDAP as an external identity provider. Second, the attacker must have knowledge of an LDAP username that does not have the `sshPublicKey` property set. Third, such an LDAP username or one of their groups must also have some MinIO access policy configured. When this bug is successfully exploited, the attacker can perform any FTP operations (i.e. reading, writing, deleting and listing objects) allowed by the access policy associated with the LDAP user account (and their groups). Version 1.2.0 fixes the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27414",
          "url": "https://www.suse.com/security/cve/CVE-2025-27414"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-27414"
    },
    {
      "cve": "CVE-2025-27421",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27421"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server\u0027s Server-Sent Events (SSE) implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and terminate associated goroutines. This leads to resource exhaustion where the server continues running but eventually stops accepting new SSE connections while maintaining high memory usage. The vulnerability specifically involves improper channel cleanup in the event handling mechanism, causing goroutines to remain blocked indefinitely. This vulnerability is fixed in 1.4.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27421",
          "url": "https://www.suse.com/security/cve/CVE-2025-27421"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-27421"
    },
    {
      "cve": "CVE-2025-27507",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27507"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. ZITADEL\u0027s Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While several endpoints are affected, the most critical vulnerability lies in the ability to manipulate LDAP configurations. Customers who do not utilize LDAP for authentication are not at risk from the most severe aspects of this vulnerability. However, upgrading to the patched version to address all identified issues is strongly recommended. This vulnerability is fixed in 2.71.0, 2.70.1, ,2.69.4, 2.68.4, 2.67.8, 2.66.11, 2.65.6, 2.64.5, and 2.63.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27507",
          "url": "https://www.suse.com/security/cve/CVE-2025-27507"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-27507"
    },
    {
      "cve": "CVE-2025-27509",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27509"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time (JIT) provisioning is enabled, or create new accounts tied to forged assertions if f MDM enrollment is enabled. This vulnerability is fixed in 4.64.2, 4.63.2, 4.62.4, and 4.58.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27509",
          "url": "https://www.suse.com/security/cve/CVE-2025-27509"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-13T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-27509"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-27509 (GCVE-0-2025-27509)

GHSA-52JX-G6M5-H735

Impact

Patches

Workarounds

Credit

For more information

FKIE_CVE-2025-27509

WID-SEC-W-2025-0522

OPENSUSE-SU-2025:14889-1

Tags

Sightings

Nomenclature