CVE-2025-54424 (GCVE-0-2025-54424)
Vulnerability from cvelistv5 – Published: 2025-08-01 23:04 – Updated: 2025-08-04 14:18
VLAI?
Summary
1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot.
Severity ?
8.1 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | 1Panel |
Affected:
< 2.0.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54424",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-04T14:17:57.703060Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-04T14:18:25.328Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "1Panel",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-01T23:04:38.142Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j"
},
{
"name": "https://github.com/1Panel-dev/1Panel/pull/9698/commits/4003284521f8d31ddaf7215d1c30ab8b4cdb0261",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/1Panel/pull/9698/commits/4003284521f8d31ddaf7215d1c30ab8b4cdb0261"
},
{
"name": "https://github.com/1Panel-dev/1Panel/releases/tag/v2.0.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/1Panel/releases/tag/v2.0.6"
}
],
"source": {
"advisory": "GHSA-8j63-96wh-wh3j",
"discovery": "UNKNOWN"
},
"title": "1Panel Agent Bypasses Certificate Verification Leading to Arbitrary Command Execution"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54424",
"datePublished": "2025-08-01T23:04:38.142Z",
"dateReserved": "2025-07-21T23:18:10.281Z",
"dateUpdated": "2025-08-04T14:18:25.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-54424\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-08-01T23:15:24.947\",\"lastModified\":\"2025-08-26T16:53:37.203\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot.\"},{\"lang\":\"es\",\"value\":\"1Panel es una interfaz web y un servidor MCP que administra sitios web, archivos, contenedores, bases de datos y LLM en un servidor Linux. En las versiones 2.0.5 y anteriores, el protocolo HTTPS utilizado para la comunicaci\u00f3n entre los endpoints del n\u00facleo y del agente presenta una verificaci\u00f3n de certificado incompleta durante la validaci\u00f3n, lo que provoca acceso no autorizado a la interfaz. Debido a la presencia de numerosas interfaces de ejecuci\u00f3n de comandos o con altos privilegios en 1Panel, esto provoca la ejecuci\u00f3n remota de c\u00f3digo (RCE). Esto se solucion\u00f3 en la versi\u00f3n 2.0.6. El CVE se ha traducido del chino simplificado mediante GitHub Copilot.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.6\",\"matchCriteriaId\":\"2CD389A9-15C9-4817-A6B8-A830FE7A9D8A\"}]}]}],\"references\":[{\"url\":\"https://github.com/1Panel-dev/1Panel/pull/9698/commits/4003284521f8d31ddaf7215d1c30ab8b4cdb0261\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/1Panel-dev/1Panel/releases/tag/v2.0.6\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54424\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-04T14:17:57.703060Z\"}}}], \"references\": [{\"url\": \"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-04T14:18:16.476Z\"}}], \"cna\": {\"title\": \"1Panel Agent Bypasses Certificate Verification Leading to Arbitrary Command Execution\", \"source\": {\"advisory\": \"GHSA-8j63-96wh-wh3j\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"1Panel-dev\", \"product\": \"1Panel\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.0.6\"}]}], \"references\": [{\"url\": \"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j\", \"name\": \"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/1Panel-dev/1Panel/pull/9698/commits/4003284521f8d31ddaf7215d1c30ab8b4cdb0261\", \"name\": \"https://github.com/1Panel-dev/1Panel/pull/9698/commits/4003284521f8d31ddaf7215d1c30ab8b4cdb0261\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/1Panel-dev/1Panel/releases/tag/v2.0.6\", \"name\": \"https://github.com/1Panel-dev/1Panel/releases/tag/v2.0.6\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-08-01T23:04:38.142Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-54424\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-04T14:18:25.328Z\", \"dateReserved\": \"2025-07-21T23:18:10.281Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-08-01T23:04:38.142Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-8J63-96WH-WH3J
Vulnerability from github – Published: 2025-08-01 18:10 – Updated: 2025-08-26 20:26
VLAI?
Summary
1Panel agent certificate verification bypass leading to arbitrary command execution
Details
Project Address: Project Address 1Panel
Official website: https://www.1panel.cn/
Time: 2025 07 26
Version: 1panel V2.0.5
Vulnerability Summary
- First, we introduce the concepts of 1panel v2 Core and Agent. After the new version is released, 1panel adds the node management function, which allows you to control other hosts by adding nodes.
- The HTTPS protocol used for communication between the Core and Agent sides did not fully verify the authenticity of the certificate during certificate verification, resulting in unauthorized interfaces. The presence of a large number of command execution or high-privilege interfaces in the 1panel led to RCE.
Code audit process
- First we go to the Agent HTTP routing fileagent/init/router/router.go
- It was found that the Routersreference function in the function Certificatewas globally checked.agent/middleware/certificate.go
- The discovery Certificatefunction determines c.Request.TLS.HandshakeCompletewhether certificate communication has been performed
- Since c.Request.TLS.HandshakeCompletethe true or false judgment is determined by agent/server/server.gothe code Startfunctiontls.RequireAnyClientCert
Note::Here due to the use of tls.RequireAnyClientCert instead of tls.RequireAndVerifyClientCert,RequireAnyClientCert Only require the client to provide a certificate,Does not verify the issuance of certificates CA,So any self assigned certificate will pass TLS handshake。
- The subsequent Certificatefunction only verified that the CN field of the certificate was panel_client, without verifying the certificate issuer. Finally, it was discovered that the WebSocket connection could bypass Proxy-ID verification.
- Process WebSocket interface (based on the above questions, all processes and other sensitive information can be obtained) routing address: /process/ws the request format is as follows
{
"type": "ps", // 数据类型: ps(进程), ssh(SSH会话), net(网络连接), wget(下载进度)
"pid": 123, // 可选,指定进程ID进行筛选
"name": "process_name", // 可选,根据进程名筛选
"username": "user" // 可选,根据用户名筛选
}
- Terminal SSH WebSocket interface (according to the above problem, any command can be executed) routing address: /hosts/terminal the request format is as follows
{
"type": "cmd",
"data": "d2hvYW1pCg==" // "whoami" 的base64编码,记住不要忘记回车。
}
-
Container Terminal WebSocket interface (container execution command interface) routing address:/containers/terminal
-
File Download Process WebSocket interface (automatically push download progress information) routing address:/files/wget/process
Attack process
-
First generate a fake certificate openssl req -x509 -newkey rsa:2048 -keyout panel_client.key -out panel_client.crt -days 365 -nodes -subj "/CN=panel_client"
-
Then use the certificate to request verification. If the websocket interface is successfully connected, there is a vulnerability.
Severity ?
8.1 (High)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/1Panel-dev/1Panel/core"
},
"ranges": [
{
"events": [
{
"introduced": "1.0.0"
},
{
"fixed": "2.0.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/1Panel-dev/1Panel/core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.0-20250730021757-04b9cbd87a15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-54424"
],
"database_specific": {
"cwe_ids": [
"CWE-295",
"CWE-77"
],
"github_reviewed": true,
"github_reviewed_at": "2025-08-01T18:10:21Z",
"nvd_published_at": "2025-08-01T23:15:24Z",
"severity": "HIGH"
},
"details": "### Project Address: Project Address [1Panel](https://github.com/1Panel-dev/1Panel)\n### Official website: https://www.1panel.cn/\n### Time: 2025 07 26\n### Version: 1panel V2.0.5\n### Vulnerability Summary\n - First, we introduce the concepts of 1panel v2 Core and Agent. After the new version is released, 1panel adds the node management function, which allows you to control other hosts by adding nodes.\n - The HTTPS protocol used for communication between the Core and Agent sides did not fully verify the authenticity of the certificate during certificate verification, resulting in unauthorized interfaces. The presence of a large number of command execution or high-privilege interfaces in the 1panel led to RCE.\n\n\n\n### Code audit process\n\n1. First we go to the Agent HTTP routing fileagent/init/router/router.go\n\n\n\n2. It was found that the Routersreference function in the function Certificatewas globally checked.agent/middleware/certificate.go\n\n\n\n3. The discovery Certificatefunction determines c.Request.TLS.HandshakeCompletewhether certificate communication has been performed\n\n\n\n4. Since c.Request.TLS.HandshakeCompletethe true or false judgment is determined by agent/server/server.gothe code Startfunctiontls.RequireAnyClientCert\n\n\n\nNote:\uff1a`Here due to the use of tls.RequireAnyClientCert instead of tls.RequireAndVerifyClientCert\uff0cRequireAnyClientCert Only require the client to provide a certificate\uff0cDoes not verify the issuance of certificates CA\uff0cSo any self assigned certificate will pass TLS handshake\u3002`\n\n5. The subsequent Certificatefunction only verified that the CN field of the certificate was panel_client, without verifying the certificate issuer. Finally, it was discovered that the WebSocket connection could bypass Proxy-ID verification.\n\n\n\n6. Process WebSocket interface (based on the above questions, all processes and other sensitive information can be obtained)\nrouting address: /process/ws\nthe request format is as follows\n```\n{\n \"type\": \"ps\", // \u6570\u636e\u7c7b\u578b: ps(\u8fdb\u7a0b), ssh(SSH\u4f1a\u8bdd), net(\u7f51\u7edc\u8fde\u63a5), wget(\u4e0b\u8f7d\u8fdb\u5ea6)\n \"pid\": 123, // \u53ef\u9009\uff0c\u6307\u5b9a\u8fdb\u7a0bID\u8fdb\u884c\u7b5b\u9009\n \"name\": \"process_name\", // \u53ef\u9009\uff0c\u6839\u636e\u8fdb\u7a0b\u540d\u7b5b\u9009\n \"username\": \"user\" // \u53ef\u9009\uff0c\u6839\u636e\u7528\u6237\u540d\u7b5b\u9009\n}\n```\n\n\n - Terminal SSH WebSocket interface (according to the above problem, any command can be executed)\nrouting address: /hosts/terminal\nthe request format is as follows\n```\n{\n \"type\": \"cmd\",\n \"data\": \"d2hvYW1pCg==\" // \"whoami\" \u7684base64\u7f16\u7801\uff0c\u8bb0\u4f4f\u4e0d\u8981\u5fd8\u8bb0\u56de\u8f66\u3002\n}\n```\n\n\n - Container Terminal WebSocket interface (container execution command interface)\nrouting address:/containers/terminal\n \n - File Download Process WebSocket interface (automatically push download progress information)\nrouting address:/files/wget/process\n\n### Attack process\n\n1. First generate a fake certificate\nopenssl req -x509 -newkey rsa:2048 -keyout panel_client.key -out panel_client.crt -days 365 -nodes -subj \"/CN=panel_client\"\n\n2. Then use the certificate to request verification. If the websocket interface is successfully connected, there is a vulnerability.\n\n\n\n",
"id": "GHSA-8j63-96wh-wh3j",
"modified": "2025-08-26T20:26:49Z",
"published": "2025-08-01T18:10:21Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54424"
},
{
"type": "WEB",
"url": "https://github.com/1Panel-dev/1Panel/pull/9698/commits/4003284521f8d31ddaf7215d1c30ab8b4cdb0261"
},
{
"type": "PACKAGE",
"url": "https://github.com/1Panel-dev/1Panel"
},
{
"type": "WEB",
"url": "https://github.com/1Panel-dev/1Panel/releases/tag/v2.0.6"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-3834"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "1Panel agent certificate verification bypass leading to arbitrary command execution"
}
FKIE_CVE-2025-54424
Vulnerability from fkie_nvd - Published: 2025-08-01 23:15 - Updated: 2025-08-26 16:53
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD389A9-15C9-4817-A6B8-A830FE7A9D8A",
"versionEndExcluding": "2.0.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot."
},
{
"lang": "es",
"value": "1Panel es una interfaz web y un servidor MCP que administra sitios web, archivos, contenedores, bases de datos y LLM en un servidor Linux. En las versiones 2.0.5 y anteriores, el protocolo HTTPS utilizado para la comunicaci\u00f3n entre los endpoints del n\u00facleo y del agente presenta una verificaci\u00f3n de certificado incompleta durante la validaci\u00f3n, lo que provoca acceso no autorizado a la interfaz. Debido a la presencia de numerosas interfaces de ejecuci\u00f3n de comandos o con altos privilegios en 1Panel, esto provoca la ejecuci\u00f3n remota de c\u00f3digo (RCE). Esto se solucion\u00f3 en la versi\u00f3n 2.0.6. El CVE se ha traducido del chino simplificado mediante GitHub Copilot."
}
],
"id": "CVE-2025-54424",
"lastModified": "2025-08-26T16:53:37.203",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-08-01T23:15:24.947",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/1Panel-dev/1Panel/pull/9698/commits/4003284521f8d31ddaf7215d1c30ab8b4cdb0261"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/1Panel-dev/1Panel/releases/tag/v2.0.6"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
OPENSUSE-SU-2025:15434-1
Vulnerability from csaf_opensuse - Published: 2025-08-12 00:00 - Updated: 2025-08-12 00:00Summary
govulncheck-vulndb-0.0.20250811T192933-1.1 on GA media
Notes
Title of the patch
govulncheck-vulndb-0.0.20250811T192933-1.1 on GA media
Description of the patch
These are all security issues fixed in the govulncheck-vulndb-0.0.20250811T192933-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15434
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "govulncheck-vulndb-0.0.20250811T192933-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250811T192933-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15434",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15434-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21411 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-44779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-44779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-50738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-50738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53534 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53942 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54386 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54388 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54410 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54424 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54998 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6011 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6037 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-7195 page",
"url": "https://www.suse.com/security/cve/CVE-2025-7195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-8341 page",
"url": "https://www.suse.com/security/cve/CVE-2025-8341/"
}
],
"title": "govulncheck-vulndb-0.0.20250811T192933-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-12T00:00:00Z",
"generator": {
"date": "2025-08-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15434-1",
"initial_release_date": "2025-08-12T00:00:00Z",
"revision_history": [
{
"date": "2025-08-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"product": {
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"product_id": "govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"product": {
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"product_id": "govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"product": {
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"product_id": "govulncheck-vulndb-0.0.20250811T192933-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64",
"product": {
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64",
"product_id": "govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64"
},
"product_reference": "govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le"
},
"product_reference": "govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x"
},
"product_reference": "govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
},
"product_reference": "govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-21411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21411"
}
],
"notes": [
{
"category": "general",
"text": "OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stopped working in the v7.0.0 release. Regardless of the flag settings, authorization wasn\u0027t restricted. Additionally, any authenticated users had whichever groups were set in `--gitlab-group` added to the new `X-Forwarded-Groups` header to the upstream application. While adding GitLab project based authorization support in #630, a bug was introduced where the user session\u0027s groups field was populated with the `--gitlab-group` config entries instead of pulling the individual user\u0027s group membership from the GitLab Userinfo endpoint. When the session groups where compared against the allowed groups for authorization, they matched improperly (since both lists were populated with the same data) so authorization was allowed. This impacts GitLab Provider users who relies on group membership for authorization restrictions. Any authenticated users in your GitLab environment can access your applications regardless of `--gitlab-group` membership restrictions. This is patched in v7.1.0. There is no workaround for the Group membership bug. But `--gitlab-project` can be set to use Project membership as the authorization checks instead of groups; it is not broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21411",
"url": "https://www.suse.com/security/cve/CVE-2021-21411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-21411"
},
{
"cve": "CVE-2025-44779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-44779"
}
],
"notes": [
{
"category": "general",
"text": "An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-44779",
"url": "https://www.suse.com/security/cve/CVE-2025-44779"
},
{
"category": "external",
"summary": "SUSE Bug 1247810 for CVE-2025-44779",
"url": "https://bugzilla.suse.com/1247810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-44779"
},
{
"cve": "CVE-2025-50738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-50738"
}
],
"notes": [
{
"category": "general",
"text": "The Memos application, up to version v0.24.3, allows for the embedding of markdown images with arbitrary URLs. When a user views a memo containing such an image, their browser automatically fetches the image URL without explicit user consent or interaction beyond viewing the memo. This can be exploited by an attacker to disclose the viewing user\u0027s IP address, browser User-Agent string, and potentially other request-specific information to the attacker-controlled server, leading to information disclosure and user tracking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-50738",
"url": "https://www.suse.com/security/cve/CVE-2025-50738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-50738"
},
{
"cve": "CVE-2025-53534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53534"
}
],
"notes": [
{
"category": "general",
"text": "RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc.), they can execute system commands or take over hosts managed by the panel without logging in. In addition to this remote code execution (RCE) vulnerability, the flawed code also leads to unauthorized access. RatPanel uses the CleanPath middleware provided by github.com/go-chi/chi package to clean URLs, but but the middleware does not process r.URL.Path, which can cause the paths to be misinterpreted. This is fixed in version 2.5.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53534",
"url": "https://www.suse.com/security/cve/CVE-2025-53534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-53534"
},
{
"cve": "CVE-2025-53942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53942"
}
],
"notes": [
{
"category": "general",
"text": "authentik is an open-source Identity Provider that emphasizes flexibility and versatility, with support for a wide set of protocols. In versions 2025.4.4 and earlier, as well as versions 2025.6.0-rc1 through 2025.6.3, deactivated users who registered through OAuth/SAML or linked their accounts to OAuth/SAML providers can still retain partial access to the system despite their accounts being deactivated. They end up in a half-authenticated state where they cannot access the API but crucially they can authorize applications if they know the URL of the application. To workaround this issue, developers can add an expression policy to the user login stage on the respective authentication flow with the expression of return request.context[\"pending_user\"].is_active. This modification ensures that the return statement only activates the user login stage when the user is active. This issue is fixed in versions authentik 2025.4.4 and 2025.6.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53942",
"url": "https://www.suse.com/security/cve/CVE-2025-53942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53942"
},
{
"cve": "CVE-2025-54386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54386"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a path traversal vulnerability was discovered in WASM Traefik\u0027s plugin installation mechanism. By supplying a maliciously crafted ZIP archive containing file paths with ../ sequences, an attacker can overwrite arbitrary files on the system outside of the intended plugin directory. This can lead to remote code execution (RCE), privilege escalation, persistence, or denial of service. This is fixed in versions 2.11.28, 3.4.5 and 3.5.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54386",
"url": "https://www.suse.com/security/cve/CVE-2025-54386"
},
{
"category": "external",
"summary": "SUSE Bug 1247524 for CVE-2025-54386",
"url": "https://bugzilla.suse.com/1247524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-54386"
},
{
"cve": "CVE-2025-54388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54388"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54388",
"url": "https://www.suse.com/security/cve/CVE-2025-54388"
},
{
"category": "external",
"summary": "SUSE Bug 1247367 for CVE-2025-54388",
"url": "https://bugzilla.suse.com/1247367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54388"
},
{
"cve": "CVE-2025-54410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54410"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create iptables rules that isolate bridge networks, allowing any container to access all ports on any other container across different bridge networks on the same host. This breaks network segmentation between containers that should be isolated, creating significant risk in multi-tenant environments. Only containers in --internal networks remain protected.\nWorkarounds include reloading firewalld and either restarting the docker daemon, re-creating bridge networks, or using rootless mode. Maintainers anticipate a fix for this issue in version 25.0.13.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54410",
"url": "https://www.suse.com/security/cve/CVE-2025-54410"
},
{
"category": "external",
"summary": "SUSE Bug 1247392 for CVE-2025-54410",
"url": "https://bugzilla.suse.com/1247392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54410"
},
{
"cve": "CVE-2025-54424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54424"
}
],
"notes": [
{
"category": "general",
"text": "1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54424",
"url": "https://www.suse.com/security/cve/CVE-2025-54424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-54424"
},
{
"cve": "CVE-2025-54576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54576"
}
],
"notes": [
{
"category": "general",
"text": "OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when using the skip_auth_routes configuration option with regex patterns. Attackers can bypass authentication by crafting URLs with query parameters that satisfy configured regex patterns, allowing unauthorized access to protected resources. The issue stems from skip_auth_routes matching against the full request URI. Deployments using skip_auth_routes with regex patterns containing wildcards or broad matching patterns are most at risk. This issue is fixed in version 7.11.0. Workarounds include: auditing all skip_auth_routes configurations for overly permissive patterns, replacing wildcard patterns with exact path matches where possible, ensuring regex patterns are properly anchored (starting with ^ and ending with $), or implementing custom validation that strips query parameters before regex matching.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54576",
"url": "https://www.suse.com/security/cve/CVE-2025-54576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-54576"
},
{
"cve": "CVE-2025-54799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54799"
}
],
"notes": [
{
"category": "general",
"text": "Let\u0027s Encrypt client and ACME library written in Go (Lego). In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package (thus the lego library and the lego cli as well) don\u0027t enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME challenge over unencrypted HTTP, the ACME protocol requires HTTPS when a client communicates with the CA to performs ACME functions. However, the library fails to enforce HTTPS both in the original discover URL (configured by the library user) and in the subsequent addresses returned by the CAs in the directory and order objects. If users input HTTP URLs or CAs misconfigure endpoints, protocol operations occur over HTTP instead of HTTPS. This compromises privacy by exposing request/response details like account and request identifiers to network attackers. This was fixed in version 4.25.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54799",
"url": "https://www.suse.com/security/cve/CVE-2025-54799"
},
{
"category": "external",
"summary": "SUSE Bug 1247743 for CVE-2025-54799",
"url": "https://bugzilla.suse.com/1247743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54799"
},
{
"cve": "CVE-2025-54801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54801"
}
],
"notes": [
{
"category": "general",
"text": "Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber\u0027s Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the application crashes due to an out-of-bounds slice allocation in the underlying schema decoder. The root cause is that the decoder attempts to allocate a slice of length idx + 1 without validating whether the index is within a safe or reasonable range. If the idx is excessively large, this leads to an integer overflow or memory exhaustion, causing a panic or crash. This is fixed in version 2.52.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54801",
"url": "https://www.suse.com/security/cve/CVE-2025-54801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-54801"
},
{
"cve": "CVE-2025-54996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54996"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to the root policy. While the identity system allowed adding arbitrary policies, which in turn could contain capability grants on arbitrary paths, the root policy was restricted to manual generation using unseal or recovery key shares. The global root policy was not accessible from child namespaces. This issue is fixed in version 2.3.2. To workaround this vulnerability, use of denied_parameters in any policy which has access to the affected identity endpoints (on identity entities) may be sufficient to prohibit this type of attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54996",
"url": "https://www.suse.com/security/cve/CVE-2025-54996"
},
{
"category": "external",
"summary": "SUSE Bug 1247888 for CVE-2025-54996",
"url": "https://bugzilla.suse.com/1247888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-54996"
},
{
"cve": "CVE-2025-54997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54997"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections. However, these operators can bypass both restrictions through the audit subsystem by manipulating log prefixes. This allows unauthorized code execution and network access that violates the intended security model. This issue is fixed in version 2.3.2. To workaround, users can block access to sys/audit/* endpoints using explicit deny policies, but root operators cannot be restricted this way.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54997",
"url": "https://www.suse.com/security/cve/CVE-2025-54997"
},
{
"category": "external",
"summary": "SUSE Bug 1247889 for CVE-2025-54997",
"url": "https://bugzilla.suse.com/1247889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-54997"
},
{
"cve": "CVE-2025-54998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54998"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, attackers could bypass the automatic user lockout mechanisms in the OpenBao Userpass or LDAP auth systems. This was caused by different aliasing between pre-flight and full login request user entity alias attributions. This is fixed in version 2.3.2. To work around this issue, existing users may apply rate-limiting quotas on the authentication endpoints:, see https://openbao.org/api-docs/system/rate-limit-quotas/.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54998",
"url": "https://www.suse.com/security/cve/CVE-2025-54998"
},
{
"category": "external",
"summary": "SUSE Bug 1247890 for CVE-2025-54998",
"url": "https://bugzilla.suse.com/1247890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54998"
},
{
"cve": "CVE-2025-54999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54999"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, when using OpenBao\u0027s userpass auth method, user enumeration was possible due to timing difference between non-existent users and users with stored credentials. This is independent of whether the supplied credentials were valid for the given user. This issue was fixed in version 2.3.2. To work around this issue, users may use another auth method or apply rate limiting quotas to limit the number of requests in a period of time: https://openbao.org/api-docs/system/rate-limit-quotas/.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54999",
"url": "https://www.suse.com/security/cve/CVE-2025-54999"
},
{
"category": "external",
"summary": "SUSE Bug 1247891 for CVE-2025-54999",
"url": "https://bugzilla.suse.com/1247891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-54999"
},
{
"cve": "CVE-2025-55000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55000"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, OpenBao\u0027s TOTP secrets engine could accept valid codes multiple times rather than strictly-once. This was caused by unexpected normalization in the underlying TOTP library. To work around, ensure that all codes are first normalized before submitting to the OpenBao endpoint. TOTP code verification is a privileged action; only trusted systems should be verifying codes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55000",
"url": "https://www.suse.com/security/cve/CVE-2025-55000"
},
{
"category": "external",
"summary": "SUSE Bug 1247892 for CVE-2025-55000",
"url": "https://bugzilla.suse.com/1247892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-55000"
},
{
"cve": "CVE-2025-55001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55001"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. When the username_as_alias=true parameter in the LDAP auth method was in use, the caller-supplied username was used verbatim without normalization, allowing an attacker to bypass alias-specific MFA requirements. This issue was fixed in version 2.3.2. To work around this, remove all usage of the username_as_alias=true parameter and update any entity aliases accordingly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55001",
"url": "https://www.suse.com/security/cve/CVE-2025-55001"
},
{
"category": "external",
"summary": "SUSE Bug 1247893 for CVE-2025-55001",
"url": "https://bugzilla.suse.com/1247893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-55001"
},
{
"cve": "CVE-2025-55003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55003"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao\u0027s Login Multi-Factor Authentication (MFA) system allows enforcing MFA using Time-based One Time Password (TOTP). Due to normalization applied by the underlying TOTP library, codes were accepted which could contain whitespace; this whitespace could bypass internal rate limiting of the MFA method and allow reuse of existing MFA codes. This issue was fixed in version 2.3.2. To work around this, use of rate-limiting quotas can limit an attacker\u0027s ability to exploit this: https://openbao.org/api-docs/system/rate-limit-quotas/.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55003",
"url": "https://www.suse.com/security/cve/CVE-2025-55003"
},
{
"category": "external",
"summary": "SUSE Bug 1247894 for CVE-2025-55003",
"url": "https://bugzilla.suse.com/1247894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-55003"
},
{
"cve": "CVE-2025-5999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5999"
}
],
"notes": [
{
"category": "general",
"text": "A privileged Vault operator with write permissions to the root namespace\u0027s identity endpoint could escalate their own or another user\u0027s token privileges to Vault\u0027s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5999",
"url": "https://www.suse.com/security/cve/CVE-2025-5999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-5999"
},
{
"cve": "CVE-2025-6000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6000"
}
],
"notes": [
{
"category": "general",
"text": "A privileged Vault operator within the root namespace with write permission to {{sys/audit}} may obtain code execution on the underlying host if a plugin directory is set in Vault\u0027s configuration. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6000",
"url": "https://www.suse.com/security/cve/CVE-2025-6000"
},
{
"category": "external",
"summary": "SUSE Bug 1247546 for CVE-2025-6000",
"url": "https://bugzilla.suse.com/1247546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-6000"
},
{
"cve": "CVE-2025-6004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6004"
}
],
"notes": [
{
"category": "general",
"text": "Vault and Vault Enterprise\u0027s (\"Vault\") user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6004",
"url": "https://www.suse.com/security/cve/CVE-2025-6004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6004"
},
{
"cve": "CVE-2025-6011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6011"
}
],
"notes": [
{
"category": "general",
"text": "A timing side channel in Vault and Vault Enterprise\u0027s (\"Vault\") userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially enumerate valid usernames for Vault\u0027s Userpass auth method. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6011",
"url": "https://www.suse.com/security/cve/CVE-2025-6011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-6011"
},
{
"cve": "CVE-2025-6013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6013"
}
],
"notes": [
{
"category": "general",
"text": "Vault and Vault Enterprise\u0027s (\"Vault\") ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6013",
"url": "https://www.suse.com/security/cve/CVE-2025-6013"
},
{
"category": "external",
"summary": "SUSE Bug 1247698 for CVE-2025-6013",
"url": "https://bugzilla.suse.com/1247698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6013"
},
{
"cve": "CVE-2025-6014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6014"
}
],
"notes": [
{
"category": "general",
"text": "Vault and Vault Enterprise\u0027s (\"Vault\") TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6014",
"url": "https://www.suse.com/security/cve/CVE-2025-6014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6014"
},
{
"cve": "CVE-2025-6015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6015"
}
],
"notes": [
{
"category": "general",
"text": "Vault and Vault Enterprise\u0027s (\"Vault\") login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6015",
"url": "https://www.suse.com/security/cve/CVE-2025-6015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6015"
},
{
"cve": "CVE-2025-6037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6037"
}
],
"notes": [
{
"category": "general",
"text": "Vault and Vault Enterprise (\"Vault\") TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as [+trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/cert#certificate]. In this configuration, an attacker may be able to craft a malicious certificate that could be used to impersonate another user. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6037",
"url": "https://www.suse.com/security/cve/CVE-2025-6037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6037"
},
{
"cve": "CVE-2025-7195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-7195"
}
],
"notes": [
{
"category": "general",
"text": "Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. \n\nIn affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-7195",
"url": "https://www.suse.com/security/cve/CVE-2025-7195"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-7195"
},
{
"cve": "CVE-2025-8341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-8341"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints.\n\n\nIf the plugin was configured to allow only certain URLs, an attacker could bypass this restriction using a specially crafted URL. This vulnerability is fixed in version 3.4.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-8341",
"url": "https://www.suse.com/security/cve/CVE-2025-8341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250811T192933-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-8341"
}
]
}
CNVD-2025-17932
Vulnerability from cnvd - Published: 2025-08-08
VLAI Severity ?
Title
1Panel命令注入漏洞
Description
1Panel是中国1Panel社区的一个开源的Linux服务器运维管理面板。
1Panel存在命令注入漏洞,该漏洞源于证书验证不完整,攻击者可利用该漏洞导致远程代码执行。
Severity
高
Patch Name
1Panel命令注入漏洞的补丁
Patch Description
1Panel是中国1Panel社区的一个开源的Linux服务器运维管理面板。
1Panel存在命令注入漏洞,该漏洞源于证书验证不完整,攻击者可利用该漏洞导致远程代码执行。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可联系供应商获得补丁信息: https://github.com/1Panel-dev/1Panel/releases
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-54424
Impacted products
| Name | 1panel 1panel <=2.0.5 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2025-54424"
}
},
"description": "1Panel\u662f\u4e2d\u56fd1Panel\u793e\u533a\u7684\u4e00\u4e2a\u5f00\u6e90\u7684Linux\u670d\u52a1\u5668\u8fd0\u7ef4\u7ba1\u7406\u9762\u677f\u3002\n\n1Panel\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8bc1\u4e66\u9a8c\u8bc1\u4e0d\u5b8c\u6574\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
"formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://github.com/1Panel-dev/1Panel/releases",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-17932",
"openTime": "2025-08-08",
"patchDescription": "1Panel\u662f\u4e2d\u56fd1Panel\u793e\u533a\u7684\u4e00\u4e2a\u5f00\u6e90\u7684Linux\u670d\u52a1\u5668\u8fd0\u7ef4\u7ba1\u7406\u9762\u677f\u3002\r\n\r\n1Panel\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8bc1\u4e66\u9a8c\u8bc1\u4e0d\u5b8c\u6574\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "1Panel\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "1panel 1panel \u003c=2.0.5"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-54424",
"serverity": "\u9ad8",
"submitTime": "2025-08-08",
"title": "1Panel\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…