cvelistv5 - cve-2025-58050

CVE-2025-58050 (GCVE-0-2025-58050)

Vulnerability from cvelistv5 – Published: 2025-08-27 18:47 – Updated: 2025-08-27 19:14

Summary

The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L

CWE

CWE-125 - Out-of-bounds Read
CWE-122 - Heap-based Buffer Overflow

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	PCRE2Project	pcre2	Affected: = 10.45

FKIE_CVE-2025-58050

Vulnerability from fkie_nvd - Published: 2025-08-27 19:15 - Updated: 2025-09-09 15:27

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254	Patch
security-advisories@github.com	https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46	Release Notes
security-advisories@github.com	https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2	Exploit, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2	Exploit, Vendor Advisory

Impacted products

	Vendor	Product	Version
	pcre	pcre2	10.45

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:pcre:pcre2:10.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD0797B-DF92-41CB-B392-0442CCC30E7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46."
    },
    {
      "lang": "es",
      "value": "La librer\u00eda PCRE2 es un conjunto de funciones de C que implementan la coincidencia de patrones con expresiones regulares. En la versi\u00f3n 10.45, existe una vulnerabilidad de lectura por desbordamiento de b\u00fafer de mont\u00f3n en el motor de coincidencia de expresiones regulares de PCRE2, espec\u00edficamente en la gesti\u00f3n del verbo (*scs:...) (Scan SubString) al combinarse con (*ACCEPT) en src/pcre2_match.c. Esta vulnerabilidad podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n si los datos fuera de los l\u00edmites le\u00eddos durante la memcmp afectan el resultado final de la coincidencia de forma observable para el atacante. Este problema se ha resuelto en la versi\u00f3n 10.46."
    }
  ],
  "id": "CVE-2025-58050",
  "lastModified": "2025-09-09T15:27:39.573",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 6.9,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-08-27T19:15:37.560",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        },
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

OPENSUSE-SU-2025:15501-1

Vulnerability from csaf_opensuse - Published: 2025-08-29 00:00 - Updated: 2025-08-29 00:00

Summary

libpcre2-16-0-10.46-1.1 on GA media

Notes

Title of the patch

libpcre2-16-0-10.46-1.1 on GA media

Description of the patch

These are all security issues fixed in the libpcre2-16-0-10.46-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-15501

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libpcre2-16-0-10.46-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libpcre2-16-0-10.46-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15501",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15501-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-58050 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-58050/"
      }
    ],
    "title": "libpcre2-16-0-10.46-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-08-29T00:00:00Z",
      "generator": {
        "date": "2025-08-29T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15501-1",
      "initial_release_date": "2025-08-29T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-08-29T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpcre2-16-0-10.46-1.1.aarch64",
                "product": {
                  "name": "libpcre2-16-0-10.46-1.1.aarch64",
                  "product_id": "libpcre2-16-0-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-16-0-32bit-10.46-1.1.aarch64",
                "product": {
                  "name": "libpcre2-16-0-32bit-10.46-1.1.aarch64",
                  "product_id": "libpcre2-16-0-32bit-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-32-0-10.46-1.1.aarch64",
                "product": {
                  "name": "libpcre2-32-0-10.46-1.1.aarch64",
                  "product_id": "libpcre2-32-0-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-32-0-32bit-10.46-1.1.aarch64",
                "product": {
                  "name": "libpcre2-32-0-32bit-10.46-1.1.aarch64",
                  "product_id": "libpcre2-32-0-32bit-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-8-0-10.46-1.1.aarch64",
                "product": {
                  "name": "libpcre2-8-0-10.46-1.1.aarch64",
                  "product_id": "libpcre2-8-0-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-8-0-32bit-10.46-1.1.aarch64",
                "product": {
                  "name": "libpcre2-8-0-32bit-10.46-1.1.aarch64",
                  "product_id": "libpcre2-8-0-32bit-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-posix3-10.46-1.1.aarch64",
                "product": {
                  "name": "libpcre2-posix3-10.46-1.1.aarch64",
                  "product_id": "libpcre2-posix3-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-posix3-32bit-10.46-1.1.aarch64",
                "product": {
                  "name": "libpcre2-posix3-32bit-10.46-1.1.aarch64",
                  "product_id": "libpcre2-posix3-32bit-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-devel-10.46-1.1.aarch64",
                "product": {
                  "name": "pcre2-devel-10.46-1.1.aarch64",
                  "product_id": "pcre2-devel-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-devel-static-10.46-1.1.aarch64",
                "product": {
                  "name": "pcre2-devel-static-10.46-1.1.aarch64",
                  "product_id": "pcre2-devel-static-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-doc-10.46-1.1.aarch64",
                "product": {
                  "name": "pcre2-doc-10.46-1.1.aarch64",
                  "product_id": "pcre2-doc-10.46-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-tools-10.46-1.1.aarch64",
                "product": {
                  "name": "pcre2-tools-10.46-1.1.aarch64",
                  "product_id": "pcre2-tools-10.46-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpcre2-16-0-10.46-1.1.ppc64le",
                "product": {
                  "name": "libpcre2-16-0-10.46-1.1.ppc64le",
                  "product_id": "libpcre2-16-0-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-16-0-32bit-10.46-1.1.ppc64le",
                "product": {
                  "name": "libpcre2-16-0-32bit-10.46-1.1.ppc64le",
                  "product_id": "libpcre2-16-0-32bit-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-32-0-10.46-1.1.ppc64le",
                "product": {
                  "name": "libpcre2-32-0-10.46-1.1.ppc64le",
                  "product_id": "libpcre2-32-0-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-32-0-32bit-10.46-1.1.ppc64le",
                "product": {
                  "name": "libpcre2-32-0-32bit-10.46-1.1.ppc64le",
                  "product_id": "libpcre2-32-0-32bit-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-8-0-10.46-1.1.ppc64le",
                "product": {
                  "name": "libpcre2-8-0-10.46-1.1.ppc64le",
                  "product_id": "libpcre2-8-0-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-8-0-32bit-10.46-1.1.ppc64le",
                "product": {
                  "name": "libpcre2-8-0-32bit-10.46-1.1.ppc64le",
                  "product_id": "libpcre2-8-0-32bit-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-posix3-10.46-1.1.ppc64le",
                "product": {
                  "name": "libpcre2-posix3-10.46-1.1.ppc64le",
                  "product_id": "libpcre2-posix3-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-posix3-32bit-10.46-1.1.ppc64le",
                "product": {
                  "name": "libpcre2-posix3-32bit-10.46-1.1.ppc64le",
                  "product_id": "libpcre2-posix3-32bit-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-devel-10.46-1.1.ppc64le",
                "product": {
                  "name": "pcre2-devel-10.46-1.1.ppc64le",
                  "product_id": "pcre2-devel-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-devel-static-10.46-1.1.ppc64le",
                "product": {
                  "name": "pcre2-devel-static-10.46-1.1.ppc64le",
                  "product_id": "pcre2-devel-static-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-doc-10.46-1.1.ppc64le",
                "product": {
                  "name": "pcre2-doc-10.46-1.1.ppc64le",
                  "product_id": "pcre2-doc-10.46-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-tools-10.46-1.1.ppc64le",
                "product": {
                  "name": "pcre2-tools-10.46-1.1.ppc64le",
                  "product_id": "pcre2-tools-10.46-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpcre2-16-0-10.46-1.1.s390x",
                "product": {
                  "name": "libpcre2-16-0-10.46-1.1.s390x",
                  "product_id": "libpcre2-16-0-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-16-0-32bit-10.46-1.1.s390x",
                "product": {
                  "name": "libpcre2-16-0-32bit-10.46-1.1.s390x",
                  "product_id": "libpcre2-16-0-32bit-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-32-0-10.46-1.1.s390x",
                "product": {
                  "name": "libpcre2-32-0-10.46-1.1.s390x",
                  "product_id": "libpcre2-32-0-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-32-0-32bit-10.46-1.1.s390x",
                "product": {
                  "name": "libpcre2-32-0-32bit-10.46-1.1.s390x",
                  "product_id": "libpcre2-32-0-32bit-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-8-0-10.46-1.1.s390x",
                "product": {
                  "name": "libpcre2-8-0-10.46-1.1.s390x",
                  "product_id": "libpcre2-8-0-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-8-0-32bit-10.46-1.1.s390x",
                "product": {
                  "name": "libpcre2-8-0-32bit-10.46-1.1.s390x",
                  "product_id": "libpcre2-8-0-32bit-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-posix3-10.46-1.1.s390x",
                "product": {
                  "name": "libpcre2-posix3-10.46-1.1.s390x",
                  "product_id": "libpcre2-posix3-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-posix3-32bit-10.46-1.1.s390x",
                "product": {
                  "name": "libpcre2-posix3-32bit-10.46-1.1.s390x",
                  "product_id": "libpcre2-posix3-32bit-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-devel-10.46-1.1.s390x",
                "product": {
                  "name": "pcre2-devel-10.46-1.1.s390x",
                  "product_id": "pcre2-devel-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-devel-static-10.46-1.1.s390x",
                "product": {
                  "name": "pcre2-devel-static-10.46-1.1.s390x",
                  "product_id": "pcre2-devel-static-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-doc-10.46-1.1.s390x",
                "product": {
                  "name": "pcre2-doc-10.46-1.1.s390x",
                  "product_id": "pcre2-doc-10.46-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-tools-10.46-1.1.s390x",
                "product": {
                  "name": "pcre2-tools-10.46-1.1.s390x",
                  "product_id": "pcre2-tools-10.46-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpcre2-16-0-10.46-1.1.x86_64",
                "product": {
                  "name": "libpcre2-16-0-10.46-1.1.x86_64",
                  "product_id": "libpcre2-16-0-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-16-0-32bit-10.46-1.1.x86_64",
                "product": {
                  "name": "libpcre2-16-0-32bit-10.46-1.1.x86_64",
                  "product_id": "libpcre2-16-0-32bit-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-32-0-10.46-1.1.x86_64",
                "product": {
                  "name": "libpcre2-32-0-10.46-1.1.x86_64",
                  "product_id": "libpcre2-32-0-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-32-0-32bit-10.46-1.1.x86_64",
                "product": {
                  "name": "libpcre2-32-0-32bit-10.46-1.1.x86_64",
                  "product_id": "libpcre2-32-0-32bit-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-8-0-10.46-1.1.x86_64",
                "product": {
                  "name": "libpcre2-8-0-10.46-1.1.x86_64",
                  "product_id": "libpcre2-8-0-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-8-0-32bit-10.46-1.1.x86_64",
                "product": {
                  "name": "libpcre2-8-0-32bit-10.46-1.1.x86_64",
                  "product_id": "libpcre2-8-0-32bit-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-posix3-10.46-1.1.x86_64",
                "product": {
                  "name": "libpcre2-posix3-10.46-1.1.x86_64",
                  "product_id": "libpcre2-posix3-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpcre2-posix3-32bit-10.46-1.1.x86_64",
                "product": {
                  "name": "libpcre2-posix3-32bit-10.46-1.1.x86_64",
                  "product_id": "libpcre2-posix3-32bit-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-devel-10.46-1.1.x86_64",
                "product": {
                  "name": "pcre2-devel-10.46-1.1.x86_64",
                  "product_id": "pcre2-devel-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-devel-static-10.46-1.1.x86_64",
                "product": {
                  "name": "pcre2-devel-static-10.46-1.1.x86_64",
                  "product_id": "pcre2-devel-static-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-doc-10.46-1.1.x86_64",
                "product": {
                  "name": "pcre2-doc-10.46-1.1.x86_64",
                  "product_id": "pcre2-doc-10.46-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pcre2-tools-10.46-1.1.x86_64",
                "product": {
                  "name": "pcre2-tools-10.46-1.1.x86_64",
                  "product_id": "pcre2-tools-10.46-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-16-0-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.aarch64"
        },
        "product_reference": "libpcre2-16-0-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-16-0-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.ppc64le"
        },
        "product_reference": "libpcre2-16-0-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-16-0-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.s390x"
        },
        "product_reference": "libpcre2-16-0-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-16-0-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.x86_64"
        },
        "product_reference": "libpcre2-16-0-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-16-0-32bit-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.aarch64"
        },
        "product_reference": "libpcre2-16-0-32bit-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-16-0-32bit-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.ppc64le"
        },
        "product_reference": "libpcre2-16-0-32bit-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-16-0-32bit-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.s390x"
        },
        "product_reference": "libpcre2-16-0-32bit-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-16-0-32bit-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.x86_64"
        },
        "product_reference": "libpcre2-16-0-32bit-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-32-0-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.aarch64"
        },
        "product_reference": "libpcre2-32-0-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-32-0-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.ppc64le"
        },
        "product_reference": "libpcre2-32-0-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-32-0-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.s390x"
        },
        "product_reference": "libpcre2-32-0-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-32-0-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.x86_64"
        },
        "product_reference": "libpcre2-32-0-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-32-0-32bit-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.aarch64"
        },
        "product_reference": "libpcre2-32-0-32bit-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-32-0-32bit-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.ppc64le"
        },
        "product_reference": "libpcre2-32-0-32bit-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-32-0-32bit-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.s390x"
        },
        "product_reference": "libpcre2-32-0-32bit-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-32-0-32bit-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.x86_64"
        },
        "product_reference": "libpcre2-32-0-32bit-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-8-0-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.aarch64"
        },
        "product_reference": "libpcre2-8-0-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-8-0-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.ppc64le"
        },
        "product_reference": "libpcre2-8-0-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-8-0-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.s390x"
        },
        "product_reference": "libpcre2-8-0-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-8-0-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.x86_64"
        },
        "product_reference": "libpcre2-8-0-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-8-0-32bit-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.aarch64"
        },
        "product_reference": "libpcre2-8-0-32bit-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-8-0-32bit-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.ppc64le"
        },
        "product_reference": "libpcre2-8-0-32bit-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-8-0-32bit-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.s390x"
        },
        "product_reference": "libpcre2-8-0-32bit-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-8-0-32bit-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.x86_64"
        },
        "product_reference": "libpcre2-8-0-32bit-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-posix3-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.aarch64"
        },
        "product_reference": "libpcre2-posix3-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-posix3-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.ppc64le"
        },
        "product_reference": "libpcre2-posix3-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-posix3-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.s390x"
        },
        "product_reference": "libpcre2-posix3-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-posix3-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.x86_64"
        },
        "product_reference": "libpcre2-posix3-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-posix3-32bit-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.aarch64"
        },
        "product_reference": "libpcre2-posix3-32bit-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-posix3-32bit-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.ppc64le"
        },
        "product_reference": "libpcre2-posix3-32bit-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-posix3-32bit-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.s390x"
        },
        "product_reference": "libpcre2-posix3-32bit-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpcre2-posix3-32bit-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.x86_64"
        },
        "product_reference": "libpcre2-posix3-32bit-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-devel-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.aarch64"
        },
        "product_reference": "pcre2-devel-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-devel-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.ppc64le"
        },
        "product_reference": "pcre2-devel-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-devel-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.s390x"
        },
        "product_reference": "pcre2-devel-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-devel-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.x86_64"
        },
        "product_reference": "pcre2-devel-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-devel-static-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.aarch64"
        },
        "product_reference": "pcre2-devel-static-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-devel-static-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.ppc64le"
        },
        "product_reference": "pcre2-devel-static-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-devel-static-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.s390x"
        },
        "product_reference": "pcre2-devel-static-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-devel-static-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.x86_64"
        },
        "product_reference": "pcre2-devel-static-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-doc-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.aarch64"
        },
        "product_reference": "pcre2-doc-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-doc-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.ppc64le"
        },
        "product_reference": "pcre2-doc-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-doc-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.s390x"
        },
        "product_reference": "pcre2-doc-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-doc-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.x86_64"
        },
        "product_reference": "pcre2-doc-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-tools-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.aarch64"
        },
        "product_reference": "pcre2-tools-10.46-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-tools-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.ppc64le"
        },
        "product_reference": "pcre2-tools-10.46-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-tools-10.46-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.s390x"
        },
        "product_reference": "pcre2-tools-10.46-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pcre2-tools-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.x86_64"
        },
        "product_reference": "pcre2-tools-10.46-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-58050",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-58050"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.s390x",
          "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.s390x",
          "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.s390x",
          "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.s390x",
          "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.s390x",
          "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.s390x",
          "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.s390x",
          "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.s390x",
          "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.s390x",
          "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.s390x",
          "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.s390x",
          "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.x86_64",
          "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.aarch64",
          "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.ppc64le",
          "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.s390x",
          "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-58050",
          "url": "https://www.suse.com/security/cve/CVE-2025-58050"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248825 for CVE-2025-58050",
          "url": "https://bugzilla.suse.com/1248825"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.s390x",
            "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.s390x",
            "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.s390x",
            "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.s390x",
            "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.s390x",
            "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.s390x",
            "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.s390x",
            "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.s390x",
            "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.x86_64",
            "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.aarch64",
            "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.ppc64le",
            "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.s390x",
            "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-08-29T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-58050"
    }
  ]
}

WID-SEC-W-2025-2034

Vulnerability from csaf_certbund - Published: 2025-09-10 22:00 - Updated: 2025-10-23 22:00

Summary

Erlang/OTP: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Erlang/OTP (Open Telecom Platform) ist eine Sammlung von Bibliotheken und Tools, die auf der Programmiersprache Erlang basieren und für den Aufbau skalierbarer, fehlertoleranter und verteilter Systeme entwickelt wurden.

Angriff

Ein entfernter authentisierter Angreifer oder anonymer Angreifer kann mehrere Schwachstellen in Erlang/OTP ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme

- Sonstiges - UNIX

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Erlang/OTP (Open Telecom Platform) ist eine Sammlung von Bibliotheken und Tools, die auf der Programmiersprache Erlang basieren und f\u00fcr den Aufbau skalierbarer, fehlertoleranter und verteilter Systeme entwickelt wurden.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter authentisierter Angreifer oder anonymer Angreifer kann mehrere Schwachstellen in Erlang/OTP ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2034 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2034.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2034 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2034"
      },
      {
        "category": "external",
        "summary": "Patch Package OTP 28.0.3 Released vom 2025-09-10",
        "url": "https://erlangforums.com/t/patch-package-otp-28-0-3-released"
      },
      {
        "category": "external",
        "summary": "erlang/otp GitHub vom 2025-09-10",
        "url": "https://github.com/erlang/otp/security/advisories/GHSA-pvj7-9652-7h9r"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7777-1 vom 2025-09-25",
        "url": "https://ubuntu.com/security/notices/USN-7777-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7831-1 vom 2025-10-21",
        "url": "https://ubuntu.com/security/notices/USN-7831-1"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-5905C468D2 vom 2025-10-23",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-5905c468d2"
      }
    ],
    "source_lang": "en-US",
    "title": "Erlang/OTP: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-10-23T22:00:00.000+00:00",
      "generator": {
        "date": "2025-10-24T08:35:32.764+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-2034",
      "initial_release_date": "2025-09-10T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-09-10T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-09-11T22:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-27676, EUVD-2025-27678, EUVD-2025-27677, EUVD-2025-27679"
        },
        {
          "date": "2025-09-25T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-10-21T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-10-23T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Fedora aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c28.0.3",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c28.0.3",
                  "product_id": "T046922"
                }
              },
              {
                "category": "product_version",
                "name": "28.0.3",
                "product": {
                  "name": "Open Source Erlang/OTP 28.0.3",
                  "product_id": "T046922-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:28.0.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c27.3.4.3",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c27.3.4.3",
                  "product_id": "T046923"
                }
              },
              {
                "category": "product_version",
                "name": "27.3.4.3",
                "product": {
                  "name": "Open Source Erlang/OTP 27.3.4.3",
                  "product_id": "T046923-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:27.3.4.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c26.2.5.15",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c26.2.5.15",
                  "product_id": "T046924"
                }
              },
              {
                "category": "product_version",
                "name": "26.2.5.15",
                "product": {
                  "name": "Open Source Erlang/OTP 26.2.5.15",
                  "product_id": "T046924-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:26.2.5.15"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.3.3",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c5.3.3",
                  "product_id": "T046925"
                }
              },
              {
                "category": "product_version",
                "name": "5.3.3",
                "product": {
                  "name": "Open Source Erlang/OTP 5.3.3",
                  "product_id": "T046925-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:5.3.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.2.11.3",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c5.2.11.3",
                  "product_id": "T046926"
                }
              },
              {
                "category": "product_version",
                "name": "5.2.11.3",
                "product": {
                  "name": "Open Source Erlang/OTP 5.2.11.3",
                  "product_id": "T046926-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:5.2.11.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.1.4.12",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c5.1.4.12",
                  "product_id": "T046927"
                }
              },
              {
                "category": "product_version",
                "name": "5.1.4.12",
                "product": {
                  "name": "Open Source Erlang/OTP 5.1.4.12",
                  "product_id": "T046927-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:5.1.4.12"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.0.3",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c16.0.3",
                  "product_id": "T046928"
                }
              },
              {
                "category": "product_version",
                "name": "16.0.3",
                "product": {
                  "name": "Open Source Erlang/OTP 16.0.3",
                  "product_id": "T046928-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:16.0.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Erlang/OTP"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-48038",
      "product_status": {
        "known_affected": [
          "T046922",
          "T046925",
          "T046926",
          "T000126",
          "T046923",
          "T046924",
          "T046927",
          "T046928",
          "74185"
        ]
      },
      "release_date": "2025-09-10T22:00:00.000+00:00",
      "title": "CVE-2025-48038"
    },
    {
      "cve": "CVE-2025-48039",
      "product_status": {
        "known_affected": [
          "T046922",
          "T046925",
          "T046926",
          "T000126",
          "T046923",
          "T046924",
          "T046927",
          "T046928",
          "74185"
        ]
      },
      "release_date": "2025-09-10T22:00:00.000+00:00",
      "title": "CVE-2025-48039"
    },
    {
      "cve": "CVE-2025-48040",
      "product_status": {
        "known_affected": [
          "T046922",
          "T046925",
          "T046926",
          "T000126",
          "T046923",
          "T046924",
          "T046927",
          "T046928",
          "74185"
        ]
      },
      "release_date": "2025-09-10T22:00:00.000+00:00",
      "title": "CVE-2025-48040"
    },
    {
      "cve": "CVE-2025-48041",
      "product_status": {
        "known_affected": [
          "T046922",
          "T046925",
          "T046926",
          "T000126",
          "T046923",
          "T046924",
          "T046927",
          "T046928",
          "74185"
        ]
      },
      "release_date": "2025-09-10T22:00:00.000+00:00",
      "title": "CVE-2025-48041"
    },
    {
      "cve": "CVE-2025-58050",
      "product_status": {
        "known_affected": [
          "T046922",
          "T000126",
          "T046928",
          "74185"
        ]
      },
      "release_date": "2025-09-10T22:00:00.000+00:00",
      "title": "CVE-2025-58050"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-58050 (GCVE-0-2025-58050)

FKIE_CVE-2025-58050

OPENSUSE-SU-2025:15501-1

WID-SEC-W-2025-2034

Tags

Sightings

Nomenclature